Hi tcwardr...@gmail.com, I confess I'm not entirely certain how to respond to this suggestion of yours ...
If, on the one hand, you actually are a black-hat, who has put in the effort to actually analyse this for your own benefit - then I tip my hat to you and your art, and wish you all the best in your future endeavours. I'm sure it's quite evident that you'll find lots of low hanging fruit here, even if we don't plant a whole new orchard of it for you. If, on the other hand, you aren't, and haven't ... then, uh ... maybe we should discuss the other ... uh, opportunities ... open to you, like ... uh ... how about this one perhaps: I have many milleons of DOLLURS ($ many,000,000,000,000) LEGITAMITELY obtained from the vaults of Sadd@m that I wish to transfer to YOUR b * n k a c c * u n t. But we must do it with UT MOST SECR3CY. I am sure that you will understand this valuabl proposition for our mutial benerfit. We can let all users decide on their own if they want to be a part of this once in a lifetime bonanza, right? It's not like they'd blame us if all the extra work to put them at risk then blew up in their faces ... would they? On Sat, Jun 23, 2012 at 09:54:07PM +0200, tcwardr...@gmail.com wrote: > Hi folks, > > I guess shipping both versions with wheezy is not a viable option? > At least I think that it would make sense. Disclaimer in the readme, > explanation of the situation, if a major security exploit does > surface (a mumble-client-crash is not a major security risk imho), > remove that second version (if there is no somewhat easy fix at that > time). Call the package mumble-client-buggy that conflicts with the > "normal" client and I guess all users can decide on their own if > they want to be safe or actually talk to other people. > > regards > Michael > > -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
