Prev-20 Home Next-20 3 msg Re: [SECURITY] [DSA 912-1] New centericq packag... 14 msg chkrootkit has me worried! 1 msg Re: [SECURITY] [DSA 906-1] New sylpheed package... 1 msg radvd setuid dir? 3 msg Re: EAC - Armored Car and SUV Specialist - Ince... 6 msg Restricting ssh access to internet but not to i... 1 msg Does anyone have experiences with plash? 1 msg Re: Re: Putty 0.45 vs. SSH Login 1 msg hi you doing today What is a security bug? \ Florian Weimer (23 Nov 2005) . \ Jasper Filon (23 Nov 2005) . . \ Rolf Kutz (23 Nov 2005) . . \ Florian Weimer (23 Nov 2005) . . . \ Noah Meyerhans (23 Nov 2005) . . . . \ Florian Weimer (24 Nov 2005) . . \ Sels, Roger (23 Nov 2005) . . \ Steve Kemp (23 Nov 2005) . . . \ Michelle Konzack (25 Nov 2005) . . . . \ Rolf Kutz (25 Nov 2005) . . . . . \ Michelle Konzack (28 Nov 2005) . . . . . . \ Rolf Kutz (28 Nov 2005) . . . . . . . \ Michelle Konzack (30 Nov 2005) . . . . . . . . \ Rolf Kutz (30 Nov 2005) . . . . . . \ Jochen Striepe (28 Nov 2005) . . . . . . . \ Florian Weimer (28 Nov 2005) . . . . . . . . \ Jochen Striepe (29 Nov 2005) . . . . . . \ Florian Weimer (28 Nov 2005) . . . . \ Norbert Tretkowski (25 Nov 2005) . . . . \ Blars Blarson (25 Nov 2005) . . \ Bernd Eckenfels (23 Nov 2005) . . . \ Javier Fernández-Sanguino Peña (24 Nov 2005) . . \ Moritz Muehlenhoff (1 Dec 2005) . \ Mark Seaborn (23 Nov 2005) . \ Thomas Bushnell BSG (24 Nov 2005) . . \ Marc Haber (24 Nov 2005) . . . \ Thomas Bushnell BSG (24 Nov 2005) . . . . \ Dale Amon (24 Nov 2005) . . . . . \ Thomas Bushnell BSG (25 Nov 2005) . . . \ Hubert Chan (24 Nov 2005) . . \ Michael Stone (24 Nov 2005) . . . \ Micah Anderson (24 Nov 2005) . . \ Florian Weimer (24 Nov 2005) . . . \ Thomas Bushnell BSG (25 Nov 2005) 1 msg Re: Hardware Empfehlung (Mainboard AMD64X2) fue... 1 msg subscripe 2 msg Re: [SECURITY] [DSA 900-1] New fetchmail packag... 1 msg Re: [SECURITY] [DSA 900-1] New fetchmail packag... 3 msg DSA translations 1 msg Warning: Ending maintenance of my Mozilla/Firef... 2 msg Re: [SECURITY] [DSA 898-1] New phpgroupware pac... 2 msg Debian bad i386 Release file signature on Nov 9? 5 msg PMASA-2005-6 when 'register_globals = on' 2 msg Sell Your Organs Online! Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security Nov-2005 Next-Thread Next-Msg Subject: What is a security bug? Group: Debian-security From: Florian Weimer Date: 23 Nov 2005 It seems that I have difficulty understanding what constitutes a security bug in a web browser. Suppose that the web browser always crashes when confronted with certain input, losing all of its state. With tabbed browsing, multiple browser opened by the same process etc., this means that potentially important work is lost. Is this a security bug? Or is this more in the category of "don't do that, then"? I used to laugh at office regulations which recommend closing all applications (including internal web applications) when browsing the Internet, but if software vendors don't consider such crash bugs a priority issue, they do make sense. -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security Nov-2005 Next-Thread Next-Msg

© 2004-2008 readlist.com