CVS Review needed
Howard Owen
hbo at egbok.com
Tue Jun 1 19:24:14 UTC 2004
CAN-2004-0414 through 418 are still "reserved."
Looking at the sources in
http://download.fedoralegacy.org/redhat/7.3/updates-testing/SRPMS/cvs-1.11.1p1-14.legacy.3.src.rpm
03cvs-client-exploit-fix-1.11.2.diff contains a patch similar to the
OpenBSD patch for CAN-2004-0180.
ccvs-exploit-20040519.2.diff contains a patch similar to the
FreeBSD and OpenBSD patches for CAN-2004-0396.
On Tue, 1 Jun 2004, Jesse Keating wrote:
> There is a sudden influx of CVS issues, and I'm not sure what all CVEs
> our packages address. Can some of you check
> https://bugzilla.fedora.us/show_bug.cgi?id=1620 for the following CVE
> coverage:
>
> CAN-2004-0180 CAN-2004-0396 CAN-2004-0414 CAN-2004-0416 CAN-2004-0417
> CAN-2004-0418
>
> Thanks.
>
>
--
Howard Owen "Even if you are on the right
EGBOK Consultants track, you'll get run over if you
hbo at egbok.com +1-650-218-2216 just sit there." - Will Rogers
More information about the fedora-legacy-list
mailing list