Slackware 2004-108-02 Critical: CVS Client-Server Access Flaws
slackware
April 18, 2004
CVS is a client/server version control system
Summary
Here are the details from the Slackware 9.1 ChangeLog: Sat Apr 17 14:09:23 PDT 2004 patches/packages/cvs-1.11.15-i486-1.tgz: Upgraded to cvs-1.11.15. Fixes two security problems (server creating arbitrary files on a client machine, and client viewing files outside of the CVS repository). For more details, see: https://www.cve.org/CVERecord?id=CVE-CAN-2004-0180 https://www.cve.org/CVERecord?id=CVE-CAN-2004-0405 (* Security fix *) WHERE TO FIND THE NEW PACKAGE: Updated package for Slackware 8.1: Updated package for Slackware 9.0: Updated package for Slackware 9.1: Updated package for Slackware -current: MD5 SIGNATURES: Slackware 8.1 package: e8ba67add4c86d0bd8b7dc1ce265752a cvs-1.11.15-i386-1.tgz Slackware 9.0 package: 177b19dd98655f6811053f29286e4ab7 cvs-1.11.15-i386-1.tgz Slackware 9.1 package: 80a99f7f4e2606d6c45ad60614cef81b cvs-1.11.15-i486-1.tgz Slackware -current package: 6e6cbad9deab1a53c1543c72d0acad1c cvs-1.11.15-i486-1.tgz INSTALLATION
Read the Full Advisory
Topics Covered
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!