site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com -Markus On Dec 13, 2004, at 20:51, Alex v.Below wrote: Hope this helps Alex Am 13.12.2004 um 20:03 schrieb Ed Zaron: Hello All, Ed .............................................. Edward D. Zaron, PhD Research Associate (postdoc) College of Oceanic and Atmospheric Sciences Oregon State University Corvallis, OR 97331-5503 Phone: (541) 737-3504 Fax: (541) 737-2064 ezaron@coas.oregonstate.edu ............................................... _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/mww%40opendarwin.org This email sent to mww@opendarwin.org --- Markus W. Weissmann http://www.mweissmann.de/ http://www.opendarwin.org/~mww/ _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com As cvs probably contains more security holes, it is imho a good idea to use cvs over ssh only. As of this writing, Mac OS X (or rather, the development tools) ship with CVS 1.10 Something which worries me is that any update of the devtools will revert the installed CVS version back to 1.10. I have filed this as a security related bug (3720902), but so far Apple does not consider it worth changing. And to make this perfectly clear: cvs is not updated with Security Updates as of yet. To keep your OS X machines safe, update cvs manually. This works well without porting issues of any kind. Forgive me if this isn't the best place to ask about this, but I was looking for some guidance regarding a security problem with cvs which is discussed here: http://lists.gnu.org/archive/html/bug-cvs/2004-05/msg00380.html Does anyone know if this hole has been patched in any of he OS X security updates? A quick search on security-announce did not indicate that it was patched. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/ newsletters%40vonbelow.com This email sent to newsletters@vonbelow.com PGP.sig