Subject: HEADS UP: cvs, racoon, xchat* vulnerabilities
To: None <>
From: Thomas Klausner <>
List: tech-pkg
Date: 04/16/2004 00:57:14

Since is down, download-vulnerability-list
fails, so please note:
since 2004/04/09, the pkg-vulnerabilities file grew
by the following lines:

racoon<20040408a        weak-authentication
xchat<1.8.11nb7         remote-code-execution
xchat-2.0.[0-7]*        remote-code-execution
xchat-2.0.8             remote-code-execution
xchat-2.0.8nb1          remote-code-execution
xchat-gnome<1.8.11nb7           remote-code-execution
cvs<1.11.15             remote-file-write

Please verify if your installed packages are vulnerable;
pkgsrc contains fixed versions for all of the above.