Moritz Muehlenhoff <[EMAIL PROTECTED]> writes: > We've discussed this at the Security Team meeting in Essen and we don't > have a problem with qmail being included in Lenny.
You are aware of upstream's attitude towards security holes? There are lots of assumptions like "nobody will ever do ...". E.g, quoting from http://cr.yp.to/qmail/guarantee.html : In May 2005, Georgi Guninski claimed that some potential 64-bit portability problems allowed a ``remote exploit in qmail-smtpd.'' This claim is denied. Nobody gives gigabytes of memory to each qmail-smtpd process, so there is no problem with qmail's assumption that allocated array lengths fit comfortably into 32 bits. And as we all know, nobody needs more than 640 kB RAM anyway :-) Bjørn -- If you've seen one Jewish grandmother, you've seen them all, huh? So, Mexican people are inherently superior to old people -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]