[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-debian] Bug#601850: monotone: Empty command string can be used
From: |
Francis Russell |
Subject: |
[Monotone-debian] Bug#601850: monotone: Empty command string can be used to crash certain server configurations |
Date: |
Sat, 30 Oct 2010 10:40:15 +0100 |
Package: monotone
Version: 0.48-2
Severity: serious
Tags: upstream
Monotone versions 0.46, 0.47 and 0.48 are affected by a bug whereby a client
sending an empty command string to the server can cause it to terminate if
remote command execution is enabled. This has been fixed in 0.48.1.
Further details exist here:
http://www.thomaskeller.biz/blog/2010/10/22/monotone-0-48-1-released-please-update-your-servers/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Monotone-debian] Bug#601850: monotone: Empty command string can be used to crash certain server configurations,
Francis Russell <=