Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: addition: CVS off by one

From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sat, 25 May 2002 17:24:39 -0400 (EDT)
On Sat, 25 May 2002, david evlis reign wrote:


silently fixed in 1-1.2. must have applied the patch before even we knew
about it. :>


On a side note, anyone know what happened with a serious and annoying
client-side vulnerability in CVS reported long long time ago
[http://online.securityfocus.com/bid/1523]? I sent a mail to some CVS
development list, but it seemed to be largely disfunctional, and I
couldn't find any reasonable patches... Is CVS pretty much abandoned, or
they just don't care? Or am I wrong and this issue is fixed?

-- 
_____________________________________________________
Michal Zalewski [lcamtuf () bos bindview com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/
Previous By Date Next
Previous By Thread Next

Current thread: