Matthew Seaman wrote:
On Wed, Sep 08, 2004 at 10:01:23AM -0500, Chris wrote:

While running portaudit, I get the complaint;

Affected package: FreeBSD-502010
Type of problem: multiple vulnerabilities in the cvs server code.
Reference: <>
Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf

Am I to assume this is only if you run a cvs server? OR -
does this relate to the SA's put out earlier this year about the src.

Did you read the referenced portaudit page or any of the links
supplied by it?  There are several vulnerabilities, most of which
affect the CVS server, but one fairly minor that affects the CVS

The FreeBSD advisory SA-O4:07.cvs refers to a different problem:

As you can see, the VuXML entry you're getting warnings about is dated
a month after the security advisory:

However, the update given in the security advisory is to a version of
CVS unaffected by either vulnerability.  Update your system to the
latest patchlevel and the problem will be fixed.

This has been done, 5.2.1-RELEASE-p9

-- Best regards, Chris

Working capital doesn't.
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to