Re: Bug#15484: cvs in bo is still vulnerable

To: Martin Schulze <joey@finlandia.infodrom.north.de>, 15484@bugs.debian.org
Cc: Debian Development <debian-devel@lists.debian.org>
Subject: Re: Bug#15484: cvs in bo is still vulnerable
From: Tom Lees <tom@lpsg.demon.co.uk>
Date: Sun, 7 Dec 1997 10:23:24 +0000
Message-id: <[🔎] 19971207102324.57165@lpsg>
In-reply-to: <m0xbu2P-001MTWC@finlandia.Infodrom.North.DE>; from Martin Schulze on Sat, Nov 29, 1997 at 10:02:00PM +0100
References: <m0xbu2P-001MTWC@finlandia.Infodrom.North.DE>

On Sat, Nov 29, 1997 at 10:02:00PM +0100, Martin Schulze wrote:
> Package: cvs
> Version: bo version
> Severity: grave
> 
> Hmbf,
> 
> the version of cvs in bo is still vulnerable to the pserver bug.  I'm
> sorry, but at the moment I can't provide a bugtraq or cert message,
> but there was one.
> 
> Tom Lees told me:
> 
>   The cvs in bo is vulnerable. The cvs in hamm is not.
>   This hole was fixed in upstream release 1.9.10.
> 
>   If you want a version for bo which is not vulnerable, report it as a
>   bug (add a header "Severity: grave").
> 
> which I'm hereby doing.  Can we please have an upload to bo-fixed.

This means putting a new version (1.9.10 vs 1.9) into bo. Should I do this?


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: Re: announcement lists
Next by Date: intent to package rinetd
Previous by thread: Re: Compiling question
Next by thread: intent to package rinetd
Index(es):
- Date
- Thread