[Cvsnt] Does the zlib security hole affect CVSNT?

Tony Hoyle tmh at nothing-on.tv
Tue Mar 12 08:30:45 GMT 2002


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Brian Smith wrote:
> I know that the ccvs.cvshome.org people have upgraded the version of
> zlib they use, presumably due to the security vulnerability that was
> announced (see, for example, slashdot.org). So, I would guess that the
> same vulnerability would affect CVSNT.
>
> If so, maybe there should be a quick one-off release for the current
> stable version that addresses this issue?
>
The cvsnt zlib is a slightly different version anyway...  The
'vulnerability'
just causes zlib to crash - it's a bug, not a security problem -
crashing cvs would just cause the current cvs.exe to exit, not really do
any harm.

If I can find a patch for it I'll stick it in.

Tony


_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook