[Secure-testing-team] sql-ledger in testing
Moritz Muehlenhoff
jmm at inutil.org
Sun Oct 21 16:49:11 UTC 2007
On Sun, Oct 21, 2007 at 03:17:58PM +0200, Thijs Kinkhorst wrote:
> On Sunday 21 October 2007 14:04, Steffen Joeris wrote:
> > Well my point is that sql-ledger is in stable (and not security supported),
> > which is the way it is. For lenny this should, IMHO, not happen again. I
> > personally see it that way:
>
> I respectfully disagree with this. In my opinion, when you cannot trust your
> authenticated users of sql-ledger, you've got a lot bigger problems than this
> security issue.
I agree.
Cheers,
Moritz
More information about the Secure-testing-team
mailing list