Slackware: 2003-345-01 Moderate: CVS Server Directory Issue
slackware
December 11, 2003
CVS is a client/server version control system
Summary
Here are the details from the Slackware 9.1 ChangeLog: Thu Dec 11 12:29:30 PST 2003 patches/packages/cvs-1.11.10-i486-1.tgz: Upgraded to cvs-1.11.10. - From the NEWS file: SERVER SECURITY ISSUES * Malformed module requests could cause the CVS server to attempt to create directories and possibly files at the root of the filesystem holding the CVS repository. Filesystem permissions usually prevent the creation of these misplaced directories, but nevertheless, the CVS server now rejects the malformed requests. (* Security fix *) WHERE TO FIND THE NEW PACKAGE: Updated package for Slackware 8.1: Updated package for Slackware 9.0: Updated package for Slackware 9.1: Updated package for Slackware -current: MD5 SIGNATURES: Slackware 8.1 package: 1aff9e868759883f160f7d75800cef63 cvs-1.11.10-i386-1.tgz Slackware 9.0 package: fa213d474908fe0cabd9d41270867eb1 cvs-1.11.10-i386-1.tgz Slackware 9.1 package: e8b66036e4338e18e8d793c1c2b3e3a3
Read the Full Advisory
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!