On Thu, 2009-09-17 at 23:13 +0100, Steve Kemp wrote: > 4) The package downloads insecure code and directly executes it. I'd have counted these to (1),... because downloading and "just" installing means automatically, that it's likely to be executed at some point.
Of course it's even worse if this is definitely sure ;) Chris. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
