Re: addition: CVS off by one

From: Michal Zalewski (lcamtuf@coredump.cx)
Date: 05/25/02


Date: Sat, 25 May 2002 17:24:39 -0400 (EDT)
From: Michal Zalewski <lcamtuf@coredump.cx>
To: david evlis reign <davidreign@hotmail.com>

On Sat, 25 May 2002, david evlis reign wrote:

> silently fixed in 1-1.2. must have applied the patch before even we knew
> about it. :>

On a side note, anyone know what happened with a serious and annoying
client-side vulnerability in CVS reported long long time ago
[http://online.securityfocus.com/bid/1523]? I sent a mail to some CVS
development list, but it seemed to be largely disfunctional, and I
couldn't find any reasonable patches... Is CVS pretty much abandoned, or
they just don't care? Or am I wrong and this issue is fixed?

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/