Re: CVE-2007-1515: imp4/etch not vulnerable

To: "Gregory Colpart" <reg@evolix.fr>
Cc: debian-security-tracker@lists.debian.org, pkg-horde-hackers@lists.alioth.debian.org
Subject: Re: CVE-2007-1515: imp4/etch not vulnerable
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Mon, 24 Sep 2007 12:01:07 +0200 (CEST)
Message-id: <[🔎] 40498.145.92.27.26.1190628067.squirrel@wm.kinkhorst.nl>
In-reply-to: <[🔎] 20070924074216.GC3213@test-scsi>
References: <[🔎] 20070924074216.GC3213@test-scsi>

On Mon, September 24, 2007 09:42, Gregory Colpart wrote:
> I report that imp4/etch is *not* vulnerable for
> CVE-2007-1515 (corrected in #415117). I add CVE-id to imp4's
> changelog in our GNU Arch repository but I mention it here because no
> upload is expected in next weeks.

Thanks for letting us know. Could you briefly say why it's not vulnerable,
e.g. the vulnerable code is not in that version, or some other reason?

Thanks!
Thijs

Reply to:

Follow-Ups:
- Re: CVE-2007-1515: imp4/etch not vulnerable
  - From: Gregory Colpart <reg@evolix.fr>

References:
- CVE-2007-1515: imp4/etch not vulnerable
  - From: Gregory Colpart <reg@evolix.fr>

Prev by Date: CVE-2007-1515: imp4/etch not vulnerable
Next by Date: Re: CVE-2007-1515: imp4/etch not vulnerable
Previous by thread: CVE-2007-1515: imp4/etch not vulnerable
Next by thread: Re: CVE-2007-1515: imp4/etch not vulnerable
Index(es):
- Date
- Thread