On Tue, 25 Jun 2013 01:28:10 -0400, Alexandre Rebert <alexandre.reb...@gmail.com> wrote: >I am a security researcher at Carnegie Mellon University, and my team >has found thousands of crashes in binaries downloaded from debian >wheeze packages. After contacting ow...@bugs.debian.org, Don Armstrong >advised us to contact you before submitting ~1.2K bug reports to the >Debian BTS using mainto...@bugs.debian.org (to avoid spamming >debian-bugs-dist).
Will you also check Debian unstable? It is much easier to have a package in unstable fixed, and I suspect that not every crash you find will be a security relevant one. Additionally, I guess that the vast majority of crahes you have found will be upstream bugs which the Debian maintainer would have to forward upstream. Will you take efforts to report these bugs to upstream as well? Will you check distributions other than Debian, and how will you make sure that the upstreams are no swamped with identical bug reports from each of their downstream distributions? Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1urvk2-0000qf...@swivel.zugschlus.de
