Explore top 10 tips to secure your open-source projects now. Read More
×
cvs could be made to crash or run programs as your login if it connected to
a malicious proxy server.
Software Description:
- cvs: Concurrent Versions System
Details:
It was discovered that cvs incorrectly handled certain responses from
proxy servers. If a user were tricked into connecting to a malicious proxy
server, a remote attacker could cause cvs to crash, or possibly execute
arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: cvs 2:1.12.13+real-6ubuntu0.1 Ubuntu 11.04: cvs 1:1.12.13-12ubuntu1.11.04.1 Ubuntu 10.10: cvs 1:1.12.13-12ubuntu1.10.10.1 Ubuntu 10.04 LTS: cvs 1:1.12.13-12ubuntu1.10.04.1 In general, a standard system update will make all the necessary changes.
CVE-2012-0804
Get the latest Linux and open source security news straight to your inbox.