On Thu, Jan 23, 2003 at 05:35:26PM +0100, Bastian Kleineidam wrote: > On Tue, Jan 21, 2003 at 07:47:11AM +0100, Martin Schulze wrote: > > > I suggest to disable the above two modules in python2.2 (which is in > > > woody), even if existing applications can break. What do you think? > > > > I'd rather know about the vulnerability (and maybe doko is able to > > implement a fix) than to blindly castrate software. Theo d.R. already > > taught us that blindly releasing updates are not good. > > Yup, ok. I will see if I can identify packages using rexec or Bastion > and provide patches for them instead of disabling modules.
Were you able to make any progress with this? -- - mdz
