An alpha release of GNATS has been uploaded to
ftp://alpha.gnu.org/gnu/gnats.  The GNATS team is working on releasing
4.2 and would like your help ironing out the bugs.

>From the NEWS file:

GNATS 4.1.999 (Pre-release-candidate), September 2007
=====================================================
Version 4.1.999 is an alpha release that contains many bug-fixes
release and copyright license upgrade to GNU General Public License v3
and GNU Library General Public Library v3.  It includes the
vulnerabilities fixes intended to be released in August 2005.

A Common Vulnerabilities and Exposures candidate [CAN-2005-2180] was
reported for a local security exploit over the misuse of setuid
binaries for manipulating local databases.  The Makefiles have been
altered to discontinue using the setuid bit.

The suggested manner in which to use a local database is to use an
unprivileged user in combination with sudo, or to create a dedicated
filesystem group to which you add your "responsible" team members.
Alternatively, you could operate exclusively through the network
interface.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180

Since GNATS 4.0.0, there has been trouble trying to build the software
on Solaris machines.  This has now been fixed.

--
Chad Walstrom <chewie@wook...>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */


_______________________________________________
Info-gnats mailing list
Info-gnats@gnu....
http://lists.gnu.org/mailman/listinfo/info-gnats