[Cvsnt] Does the zlib security hole affect CVSNT?
Tony Hoyle
tmh at nothing-on.tv
Tue Mar 12 08:30:45 GMT 2002
Brian Smith wrote:
> I know that the ccvs.cvshome.org people have upgraded the version of
> zlib they use, presumably due to the security vulnerability that was
> announced (see, for example, slashdot.org). So, I would guess that the
> same vulnerability would affect CVSNT.
>
> If so, maybe there should be a quick one-off release for the current
> stable version that addresses this issue?
>
The cvsnt zlib is a slightly different version anyway... The
'vulnerability'
just causes zlib to crash - it's a bug, not a security problem -
crashing cvs would just cause the current cvs.exe to exit, not really do
any harm.
If I can find a patch for it I'll stick it in.
Tony
_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
More information about the cvsnt
mailing list