[pkg-horde] CVE-2007-1515: imp4/etch not vulnerable
Nico Golde
nion at debian.org
Mon Sep 24 10:04:01 UTC 2007
Hi,
* Gregory Colpart <reg at evolix.fr> [2007-09-24 11:26]:
> I report that imp4/etch is *not* vulnerable for
> CVE-2007-1515 (corrected in #415117). I add CVE-id to imp4's
> changelog in our GNU Arch repository but I mention it here
> because no upload is expected in next weeks.
Thanks, marked this in the tracker, I can confirm this.
Please include some information why it is not affected next
time since it took me some time now to find out that you
already patch the code in diff.gz while the code in the
tarball is vulnerable.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/attachments/20070924/26b3df46/attachment.pgp
More information about the pkg-horde-hackers
mailing list