diff options
author | Nico Golde <nion@debian.org> | 2008-11-29 17:16:12 +0000 |
---|---|---|
committer | Nico Golde <nion@debian.org> | 2008-11-29 17:16:12 +0000 |
commit | 538f2d23a547f5ecd6cdb4f85eb010f247b23505 (patch) | |
tree | acee0eee2aa69aaee06cb9cd9ee3ac7876fa4315 /doc/narrative_introduction | |
parent | ba3913b06018268ba974af28edf2ae1e73775013 (diff) |
flashplugin-nonfree and other downloaders handled as NFU from now on (security team meeting), documented
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@10534 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'doc/narrative_introduction')
-rw-r--r-- | doc/narrative_introduction | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/narrative_introduction b/doc/narrative_introduction index c45bba7f2e..aa06eb4ef0 100644 --- a/doc/narrative_introduction +++ b/doc/narrative_introduction @@ -114,7 +114,12 @@ Issues Not-For-Us (NFU) ----------------------- Processing your claimed entries is done by first seeing if the issue is related to any software packaged in Debian, if it isn't a package -in Debian and has no ITP then you note that in the file, for example: +in Debian and has no ITP then you note that in the file. Another case +are meta packages that only provide a downloader (e.g. flashplugin-nonfree). +There is no way to mark such packages as we have no influence on the version +and technically the code is not present in Debian. + +Example: CVE-2005-3018 (Apple Safari allows remote attackers to cause a denial of service ...) |