Hi all! <http://security.e-matters.de/advisories/092004.html> In most cases, this is a bit vague on when an attacker can trigger the bugs. pserver without authentication? pserver anonymous access? pserver readonly access? pserver commit access? ssh/local access? In a few cases, it is mentioned that CVSROOT commit access is needed, so these are no problem. But the others? greetings -- vbi [please don't cc: me] -- Could this mail be a fake? (Answer: No! - http://fortytwo.ch/gpg/intro)
Attachment:
pgp8Qzanj2bov.pgp
Description: signature