|
| From: | anonymous |
| Subject: | [Bug-gnu-arch] [bug #31160] tla-1.3.5 uses old and vulnerable version of libneon |
| Date: | Wed, 29 Sep 2010 04:54:02 +0000 |
| User-agent: | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 1.1.4322; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) |
URL:
<http://savannah.gnu.org/bugs/?31160>
Summary: tla-1.3.5 uses old and vulnerable version of
libneon
Project: GNU arch -- a revision control system
Submitted by: None
Submitted on: Wed 29 Sep 2010 04:54:01 AM UTC
Category: tla
Severity: 3 - Normal
Item Group: bug
Status: None
Privacy: Public
Open/Closed: Open
Discussion Lock: Any
Release: tla-1.3.5
Fixed Release:
Merge Request?: None
Your Archive Name: Silvio Cesare
Your Archive Location: Melbourne, Australia
Assigned to: None
_______________________________________________________
Details:
The latest version of tla (1.3.5) is using a version of libneon which has has
at least one outstanding vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473
I do not know much about tla, so I am unsure what the impact of this
vulnerability is and how libneon is used in tla.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?31160>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
| [Prev in Thread] | Current Thread | [Next in Thread] |