Hi Daniel, hi Stuart On Mon, Mar 11, 2013 at 11:34:49AM +0100, Raphael Geissert wrote: > Package: ganglia > Version: 3.3.8-1 > Severity: grave > Tags: security > Control: clone -1 -2 > Control: reassign -2 src:ganglia-web 3.5.2-1 > X-Debbugs-cc: [email protected] > > Hi again, > > Given the recent issues in Ganglia's web frontend and a review of some > portions of the code we, as in the security team, have decided to > limit ganglia's security support to installations behind a trusted > HTTP zone. > Any vulnerability that is only relevant when exposing ganglia's web > frontend to a non-secure zone will therefore be treated as a non-issue > by the security team. They could still be fixed via a SPU, however. > > As such, please add a README.Debian.security file briefly mentioning > the limited security support, effective for the version in wheezy and > newer.
Looks the changes from 3.3.8-1+nmu1 got lost with the recent upload. Could you please re-add back the debian/README.Debian.security file describing the limited support? See, #702775. Regards, Salvatore -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

