Bug#454073: insecure tmp file handling in difflog.pl

2007-12-04 Thread Clint Adams
On Tue, Dec 04, 2007 at 01:46:46PM +0100, Nico Golde wrote:
> YFYI this got CVE-2007-6209.

Thanks. I'll upload a fix later on today.

Bug#454073: insecure tmp file handling in difflog.pl

2007-12-04 Thread Nico Golde
Hi Clint,
YFYI this got CVE-2007-6209.

Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Bug#454073: insecure tmp file handling in difflog.pl

2007-12-02 Thread Nico Golde
Hi Clint,
* Clint Adams <[EMAIL PROTECTED]> [2007-12-03 00:47]:
> On Sun, Dec 02, 2007 at 10:11:29PM +0100, Nico Golde wrote:
> > referring to https://bugs.gentoo.org/show_bug.cgi?id=201022
> > the difflog.pl script shipped by zsh is prone to a symlink
> > attack. I verified this is also the case

Bug#454073: insecure tmp file handling in difflog.pl

2007-12-02 Thread Clint Adams
On Sun, Dec 02, 2007 at 10:11:29PM +0100, Nico Golde wrote:
> referring to https://bugs.gentoo.org/show_bug.cgi?id=201022
> the difflog.pl script shipped by zsh is prone to a symlink
> attack. I verified this is also the case in the Debian
> package of zsh.

Probably best to drop it from the bin

Bug#454073: insecure tmp file handling in difflog.pl

2007-12-02 Thread Nico Golde
Package: zsh
Version: 4.3.4-26
Severity: important
Tags: security

Hi,
referring to https://bugs.gentoo.org/show_bug.cgi?id=201022 the difflog.pl script shipped by zsh is prone to a symlink attack. I verified this is also the case in the Debian package of zsh. I am waiting for a CVE id for this.