[pkg-horde] CVE-2007-1515: imp4/etch not vulnerable

Nico Golde nion at debian.org
Mon Sep 24 10:04:01 UTC 2007

* Gregory Colpart <reg at evolix.fr> [2007-09-24 11:26]:
> I report that imp4/etch is *not* vulnerable for 
> CVE-2007-1515 (corrected in #415117). I add CVE-id to imp4's
> changelog in our GNU Arch repository but I mention it here
> because no upload is expected in next weeks.

Thanks, marked this in the tracker, I can confirm this.
Please include some information why it is not affected next 
time since it took me some time now to find out that you 
already patch the code in diff.gz while the code in the 
tarball is vulnerable.
Kind regards
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/attachments/20070924/26b3df46/attachment.pgp 

More information about the pkg-horde-hackers mailing list