Re: [suse-security] CVS Heap Overflow Vulnerability

Hi Emiliano, Emiliano Sutil wrote:

I have received this alert US-CERT Technical Cyber Security Alert TA04-147A -- CVS Heap Overflow Vulnerability

yes, see http://www.uscert.gov/cas/techalerts/TA04-147A.html - take a look at the description: ,------- | US-CERT is tracking this issue as VU#192038. This reference number | corresponds to CVE candidate CAN-2004-0396. `------- Searching for cvs in my mailbox: ,------- | Subject: [suse-security] SUSE Security Announcement: cvs | (SuSE-SA:2004:013) | Date: Wed, 19 May 2004 13:16:00 +0200 (CEST) | From: krahmer@suse.de (Sebastian Krahmer) | To: suse-security@suse.com ---8<--- | Cross References: CAN-2004-0396 `------- Same CAN reference. IMHO the US-CERT is too slow... GTi