Gentoo: GLSA-200312-09 Critical Severity: FSEvents Vulnerability Patch

gentoo

December 29, 2003

Quote from : "Stable CVS 1.11.11 has been released

Summary


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200312-08
- --------------------------------------------------------------------------

GLSA:        200312-08
package:     dev-util/cvs
summary:     Fix for possible root compromise when using CVS pserver
severity:    high
Gentoo bug:  36142
date:        2003-12-28
exploit:     unknown
affected:    <=1.11.10
fixed:       >=1.11.11


DESCRIPTION:

Quote from :

   "Stable CVS 1.11.11 has been released. Stable releases contain only
   bug fixes from previous versions of CVS. This release adds code to
   the CVS server to prevent it from continuing as root after a user
   login, as an extra failsafe against a compromise of the
   CVSROOT/passwd file. Previously, any user with the ability to write
   the CVSROOT/passwd file could execute arbitrary code as the root
   user on systems with CVS pserver access enabled. We recommend this
   upgrade for all CVS se...
Read the Full Advisory

Topics Covered

security advisory high severity gentoo root compromise cvs fix dev-util

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity

critical

Lowest

Low

Medium

High

Critical

Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/34906_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics Covered

security advisory high severity gentoo root compromise cvs fix dev-util

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Gentoo: GLSA-200312-09 Critical Severity: FSEvents Vulnerability Patch

Summary

Topics Covered

Resolution

References

Availability

Concerns

Topics Covered

Synopsis

Background

Get the latest News and Insights

Affected Packages

Impact

Workaround

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Gentoo: GLSA-200312-09 Critical Severity: FSEvents Vulnerability Patch

Summary

Topics Covered

Resolution

References

Availability

Concerns

Topics Covered

Synopsis

Background

Get the latest News and Insights

Affected Packages

Impact

Workaround

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!