Hi, * Mike Massonnet <mmasson...@gmail.com> [2009-07-22 16:36]: > 2009/7/22 Nico Golde <debian-release...@ngolde.de>: > > I'd vote for removing it completely with my security team > > hat on. Regarding just this bug it should work to fix this > > with: > > screenshot_cmd scrot $(mktemp -d /tmp/scrot_slim.XXXXXX)/scrot.jpg > > > > as this is passed to system(), I didn't test this though. > > What does this mean for the state of the package version in lenny? Do > you or not consider to remove it?
For lenny this is no option as vulnerable installations would stay vulnerable. > Except the screenshot command I haven't been noticed of anything else. What do you mean? What about #529306 and #536542? > And what does it mean for the state of the package > version in sid? Is the new version considered to > be left out from the debian archive? I'd remove slim completely from unstable. Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpyGMHUIma1C.pgp
Description: PGP signature
