[thelist] News Item: Major Security Flaw in CVS

shawn allen shawn at alterior.net
Thu Jan 23 13:29:21 CST 2003

quoth James Aylard:
> If this has made the rounds on this list, I missed it, although I'm
> sure it's all over the place elsewhere by now:
> http://news.com.com/2100-1001-981830.html
> Not to start a flame war, I do hope that this brings a bit of balance to
> the commercial vs. open source debate.

Huh? The CVS developers released a patch on the *day* this was released.
When's the last time any commercial vendor released a vulerability patch
so quickly?

And who's to say that there aren't many more such vulnerabilities in
commercial packages that we don't know about?

shawn allen

More information about the thelist mailing list