[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] CVS Heap Overflow Vulnerability

Hi Emiliano,

Emiliano Sutil wrote:
I have received this alert
US-CERT Technical Cyber Security Alert TA04-147A -- CVS Heap Overflow Vulnerability

yes, see http://www.uscert.gov/cas/techalerts/TA04-147A.html - take a look at the description:

| US-CERT is tracking this issue as VU#192038. This reference number
| corresponds to CVE candidate CAN-2004-0396.

Searching for cvs in my mailbox:

| Subject: [suse-security] SUSE Security Announcement: cvs
| (SuSE-SA:2004:013)
| Date: Wed, 19 May 2004 13:16:00 +0200 (CEST)
| From: krahmer@xxxxxxx (Sebastian Krahmer)
| To: suse-security@xxxxxxxx
|        Cross References:       CAN-2004-0396

Same CAN reference. IMHO the US-CERT is too slow...


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here