[cvsnt] Re: Which version of CVS is CVSNT 2.0.12 based on?

Oliver Giesen ogware at gmx.net
Fri May 21 12:28:12 BST 2004


Tony Hoyle wrote:

> I have never heard of this & Derek Price usually notifies me of any
> relevant security problems.  A quick look at the code shows CVSNT not
> to be vulnerable to this - it looks like a problem introduced after
> the code forked - there's an explicit check for multiple invocations
> of modified/unchanged in the code.

BTW: Did you receive any more messages from David Burley (Sourceforge) 
about this? I already got another two reports of users who ran into the 
"Move away ..." problem after applying that security patch to their 
servers (upgrading to 2.0.41a helped though). If he mentioned anything 
about the server-side solution I'd like to forward it to those users...

Cheers,

-- 
Oliver
----	------------------
JID:	ogiesen at jabber.org
ICQ:	18777742	(http://wwp.icq.com/18777742)



More information about the cvsnt mailing list