Re: Bug#15484: cvs in bo is still vulnerable
On Sat, Nov 29, 1997 at 10:02:00PM +0100, Martin Schulze wrote:
> Package: cvs
> Version: bo version
> Severity: grave
>
> Hmbf,
>
> the version of cvs in bo is still vulnerable to the pserver bug. I'm
> sorry, but at the moment I can't provide a bugtraq or cert message,
> but there was one.
>
> Tom Lees told me:
>
> The cvs in bo is vulnerable. The cvs in hamm is not.
> This hole was fixed in upstream release 1.9.10.
>
> If you want a version for bo which is not vulnerable, report it as a
> bug (add a header "Severity: grave").
>
> which I'm hereby doing. Can we please have an upload to bo-fixed.
This means putting a new version (1.9.10 vs 1.9) into bo. Should I do this?
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: