[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-security
Subject: Re: vulnerabilities in CVS?
From: Steve McIntyre <steve () einval ! com>
Date: 2004-09-28 8:25:56
Message-ID: 20040928082556.GB1794 () einval ! com
[Download RAW message or body]
On Mon, Sep 27, 2004 at 01:27:46PM +0100, Steve Kemp wrote:
>On Sun, Sep 26, 2004 at 03:46:44PM +0200, Robert Millan wrote:
>
>> > CVE Name: CAN-2004-0414, CAN-2004-0416, CAN-2004-0417, CAN-2004-0418,
>> > CAN-2004-0778
>
> CAN-2004-0416, CAN-2004-0417, and CAN-2004-0418 were fixed in DSA-519.
>
> CAN-2004-0414 was fixed in DSA-517.
>
> So it looks like only 418, and 0778 aren't addressed, these may or
> may not be severe. I notice that DSA-505 fixed CAN-2004-0396, for what
> that's worth..
No, just 0778. I must admit that I'd lost track of that one - see
#266721. Unfortunately (see my post to -private), I'm unable to do
anything about it for the next few days. An NMU for that would be
welcome, otherwise I expect to pick it up at the weekend.
--
Steve McIntyre, Cambridge, UK. steve@einval.com
"Further comment on how I feel about IBM will appear once I've worked out
whether they're being malicious or incompetent. Capital letters are forecast."
Matthew Garrett, http://www.livejournal.com/users/mjg59/30675.html
["signature.asc" (application/pgp-signature)]
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic