Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Holes in CVS and Subversion Found

Posted by simoniker on from the nee-naw dept.

joe_bruin writes "News.com.com is reporting a two separate vulnerabilities that affect current versions of CVS and Subversion source control systems. Apparently, major users of these products (Linux and BSD distros, Samba, etc.) have been notified and have patched their systems." Update: 05/20 02:01 GMT by S : Clarification that there are separate issues for both CVS and Subversion.

2 of 250 comments (clear)

  1. If CVS was implemented in Java... by StLawrence · · Score: 0, Flamebait

    If CVS was implemented in Java it couldn't suffer from this
    kind of problem. Sure, there are still plenty of other bugs
    that can be coded up in Java, but not nearly the plethora of
    agonizing painful excruciating unfindable bugs you can
    subject yourself (and your users) to with applications written
    in C & C++ and other archaic languages.

    I'm sure there are good reasons to program in C, C++,
    assembly language, FORTRAN, COBOL, BASIC, ... I just
    can't think of any offhand. :-)

  2. Re:Wait! by The+Spoonman · · Score: 0, Flamebait

    all versions of CVS released before May 19th

    This is the first time they looked at the code?

    --
    Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
    http://www.workorspoon.com