|
Message-ID: <20090120094206.GC18280@suse.de> Date: Tue, 20 Jan 2009 10:42:06 +0100 From: Sebastian Krahmer <krahmer@...e.de> To: oss-security@...ts.openwall.com Subject: Re: CVE request -- git On Tue, Jan 20, 2009 at 10:31:58AM +0100, Tomas Hoger wrote: > > > > Only opensuse 11.0 and 11.1 were affected by diff.external > > issue and packages have been released for that. > > SUSE-SR:2009:001 only mentions fix for 10.3. I probably missed other > report mentioning fixes in 11.x. I am not the Incident Manager in charge, but AFAIR both issues have been tracked separately and the remote-fix has been released sooner, also b/c of its larger severity, which makes sense. Honestly, diff.external is not a very severe bug but it will probably be announced in the weekly report (if it hasnt). Additionally, the autoupdater shows exactly which issues have been fixed. Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team ~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.