--------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1620 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1620 2004-05-21 --------------------------------------------------------------------- Name : cvs Version 7.3 : 1.11.1p1-14.legacy.2 Version 9 : 1.11.2-18.legacy Summary : A version control system. Description : CVS (Concurrent Version System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. --------------------------------------------------------------------- Update Information: CAN-2004-0396: Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines. --------------------------------------------------------------------- Changelog: 7.3: * Thu May 13 2004 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.11.1p1-14 - use revised version of Stefan Esser's patch provided by Derek Robert Price * Mon May 03 2004 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.11.1p1-13 - add patch from Stefan Esser to close CAN-2004-0396 9: * Fri May 21 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx 1.11-2.18.legacy - Patched for CAN-2004-0396 - supplied full path for krb5-config --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ e4d30403a2ca8a64dfe873f739ccfb7b7e97d331 7.3/updates-testing/SRPMS/cvs-1.11.1p1-14.legacy.2.src.rpm 1abc86e11ed907274f058fe95a1e18e56b06d561 7.3/updates-testing/i386/cvs-1.11.1p1-14.legacy.2.i386.rpm e9b52d417be0b4a7640ddb40a5444e195175ed7b 9/updates-testing/SRPMS/cvs-1.11.2-18.legacy.src.rpm 482f57022392cc6cabbf34c78ba77d08e284c990 9/updates-testing/i386/cvs-1.11.2-18.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. --------------------------------------------------------------------- -- Jesse Keating RHCE (geek.j2solutions.net) Fedora Legacy Team (www.fedoralegacy.org) GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating
Attachment:
pgp00346.pgp
Description: signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
