This bug isn't covered by the list of issues meriting a serious bug in http://release.debian.org/sarge_rc_policy.txt. I don't really buy it
being a security bug either; while it may introduce some small
additional exposure, it doesn't "introduce a security hole on systems
where you install the package", and if that were true then the
vulnerability in inetd should simply be fixed. In general design issues
like this don't merit serious bugs unless the maintainer says so.
I'm therefore setting the severity back to its previous value of normal.
Sorry.
severity 261906 normal
thanks
This bug isn't covered by the list of issues meriting a serious bug in release. debian. org/sarge_ rc_policy. txt. I don't really buy it
http://
being a security bug either; while it may introduce some small
additional exposure, it doesn't "introduce a security hole on systems
where you install the package", and if that were true then the
vulnerability in inetd should simply be fixed. In general design issues
like this don't merit serious bugs unless the maintainer says so.
I'm therefore setting the severity back to its previous value of normal.
Sorry.
Cheers,
--
Colin Watson [<email address hidden>]