Vulnerability Development mailing list archives
Re: addition: CVS off by one
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sat, 25 May 2002 17:24:39 -0400 (EDT)
On Sat, 25 May 2002, david evlis reign wrote:
silently fixed in 1-1.2. must have applied the patch before even we knew about it. :>
On a side note, anyone know what happened with a serious and annoying client-side vulnerability in CVS reported long long time ago [http://online.securityfocus.com/bid/1523]? I sent a mail to some CVS development list, but it seemed to be largely disfunctional, and I couldn't find any reasonable patches... Is CVS pretty much abandoned, or they just don't care? Or am I wrong and this issue is fixed? -- _____________________________________________________ Michal Zalewski [lcamtuf () bos bindview com] [security] [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};: =-=> Did you know that clones never use mirrors? <=-= http://lcamtuf.coredump.cx/photo/
Current thread:
- addition: CVS off by one david evlis reign (May 25)
- Re: addition: CVS off by one Michal Zalewski (May 26)