diff options
author | Nico Golde <nion@debian.org> | 2008-11-29 17:16:12 +0000 |
---|---|---|
committer | Nico Golde <nion@debian.org> | 2008-11-29 17:16:12 +0000 |
commit | 33e50c1f3b57c48a2c08c9cca704859aeff02eea (patch) | |
tree | 4e0dfd54b13845577d09ab39a55bf50f3ecd4cbb /doc/narrative_introduction | |
parent | bc92354cc671834227b79e4bc63335870cdbc636 (diff) |
flashplugin-nonfree and other downloaders handled as NFU from now on (security team meeting), documented
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10534 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc/narrative_introduction')
-rw-r--r-- | doc/narrative_introduction | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/narrative_introduction b/doc/narrative_introduction index c45bba7f2e..aa06eb4ef0 100644 --- a/doc/narrative_introduction +++ b/doc/narrative_introduction @@ -114,7 +114,12 @@ Issues Not-For-Us (NFU) ----------------------- Processing your claimed entries is done by first seeing if the issue is related to any software packaged in Debian, if it isn't a package -in Debian and has no ITP then you note that in the file, for example: +in Debian and has no ITP then you note that in the file. Another case +are meta packages that only provide a downloader (e.g. flashplugin-nonfree). +There is no way to mark such packages as we have no influence on the version +and technically the code is not present in Debian. + +Example: CVE-2005-3018 (Apple Safari allows remote attackers to cause a denial of service ...) |