CAN-2004-0414 through 418 are still "reserved." Looking at the sources in http://download.fedoralegacy.org/redhat/7.3/updates-testing/SRPMS/cvs-1.11.1p1-14.legacy.3.src.rpm 03cvs-client-exploit-fix-1.11.2.diff contains a patch similar to the OpenBSD patch for CAN-2004-0180. ccvs-exploit-20040519.2.diff contains a patch similar to the FreeBSD and OpenBSD patches for CAN-2004-0396. On Tue, 1 Jun 2004, Jesse Keating wrote: > There is a sudden influx of CVS issues, and I'm not sure what all CVEs > our packages address. Can some of you check > https://bugzilla.fedora.us/show_bug.cgi?id=1620 for the following CVE > coverage: > > CAN-2004-0180 CAN-2004-0396 CAN-2004-0414 CAN-2004-0416 CAN-2004-0417 > CAN-2004-0418 > > Thanks. > > -- Howard Owen "Even if you are on the right EGBOK Consultants track, you'll get run over if you hbo@xxxxxxxxx +1-650-218-2216 just sit there." - Will Rogers -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
