At 13:16 -0500 10/9/03, Tilghman Lesher wrote:
>Read the security vulnerability. It referenced CVS as of a certain
>date. If you aren't keeping up with CVS changes, why are you running
>CVS at all?
The security advisory merely says update using CVS to a date later than Aug 15.
It does not indicate when the hole appeared. So until the development team
or someone else informs of us when the hole appeared we have to assume it
was in the last release version.
Are you telling us that the 0.4.0 release in April is safe?
I note the there is now 0.5.0 release dated today in the ftp server which
is welcome news.
Thanks Mark!
f
_______________________________________________
Asterisk-Users mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-users
