Marc Haber <mh+debian-de...@zugschlus.de> writes: > Will you also check Debian unstable? It is much easier to have a package > in unstable fixed, and I suspect that not every crash you find will be a > security relevant one.
I suspect most of them won't be, actually, or at least will be difficult to exploit. A lot of command-line binaries that are only ever run by a regular user aren't particularly well-hardened against things like corrupt configuration files or weird command-line options, but usually those problems aren't really exploitable except under very artificial situations. Still, it's a robustness bug and I'm very happy to see them reported and fixed. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87vc52m3kj....@windlord.stanford.edu
