On Tue, Jun 15, 2010 at 07:28:40AM -0400, Stephen Gallagher wrote: > Can someone explain to me why a package whose update comment lists > "added patch that fixes insufficient environment sanitization issue > (CVE-2010-1646)" is not marked as a security bug?
No, because according to the Bodhi web interface it is a security update: https://admin.fedoraproject.org/updates/sudo-1.7.2p6-2.fc13 If it is not in some other interface, it usually helps to specify where it is not. Regards Till
pgpDz13VImGcx.pgp
Description: PGP signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
