[Secure-testing-team] GForge: CVE-2007-4966 and CVE-2007-3913

Nico Golde debian-secure-testing+ml at ngolde.de
Tue Oct 2 12:39:57 UTC 2007


Hi Thijs,
* Thijs Kinkhorst <thijs at debian.org> [2007-10-02 13:45]:
> CVE-2007-4966 has been marked as a duplicate of CVE-2007-3913 in the
> tracker, and I think rightly so. Has anyone tried to "exploit" of 4966 on
> a fixed version of Gforge just to be sure?

Yes I did this when marking it as duplicate to backup my 
NOTE.

> Has anyone contacted Mitre about this duplication?

Done now.

Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071002/7a50a532/attachment.pgp 


More information about the Secure-testing-team mailing list