Linux Today - Slackware Linux Advisory: cvs

search.internet.com

Become a Marketplace Partner

internet.commerce

Be a Commerce Partner

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices

Technology Jobs

LinuxToday Newsletters

Subscribe News
Subscribe PR
Subscribe Security

internet.com

IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Current Newswire:

The Problem With The Linux Community

Vim 101: A Beginner's Guide to Vim

Open Source Science: A Revolution From Within

openSUSE 11.2-- Incremental Updates, Plenty of Polish

Microsoft, other rivals slam Google Chrome OS

Intel Linux Graphics Shine With Fedora 12

Editor's Note: Do It Yourself "Cloud"

Google Chrome OS: First looks, first impressions

Kernel Log: Coming in 2.6.32 (Part 3) - Storage

TV Mythos Renewed: MythTV 0.22 with Many Improvements

Technical Specialist II – PC – LAN (AZ)
Next Step Systems
US-AZ-Scottsdale

Justtechjobs.com

Post A Job | Post A Resume

:Slackware Linux Advisory: cvs

Slackware Linux Advisory: cvs
Jun 10, 2004, 03 :59 UTC (0 Talkback[s]) (2040 reads)

[slackware-security] cvs (SSA:2004-161-01)

New cvs packages that have been upgraded to cvs-1.11.17 are available for Slackware 8.1, 9.0, 9.1, and -current to fix various security issues. Sites running a CVS server should upgrade to the new CVS package right away.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0414

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Jun 9 11:35:15 PDT 2004
patches/packages/cvs-1.11.17-i486-1.tgz: Upgraded to cvs-1.11.17. From the cvs NEWS file:

Thanks to Stefan Esser & Sebastian Krahmer, several potential security problems have been fixed. The ones which were considered dangerous enough to catalogue were assigned issue numbers CAN-2004-0416, CAN-2004-0417, & CAN-2004-0418 by the Common Vulnerabilities and Exposures Project. Please see <http://www.cve.mitre.org>; for more information.
A potential buffer overflow vulnerability in the server has been fixed. This addresses the Common Vulnerabilities and Exposures Project's issue CAN-2004-0414. Please see <http://www.cve.mitre.org>; for more information.
(* Security fix *)
+--------------------------+

Where to find the new packages:

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/cvs-1.11.17-i386-1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/cvs-1.11.17-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/cvs-1.11.17-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/cvs-1.11.17-i486-1.tgz

MD5 signatures:

Slackware 8.1 package:
66db824432943ba55f59a967bb873ddd cvs-1.11.17-i386-1.tgz

Slackware 9.0 package:
ae99eefc6ec2e86d4957839a0bbd09d6 cvs-1.11.17-i386-1.tgz

Slackware 9.1 package:
e87625033650b3cc89172931e5dd2af4 cvs-1.11.17-i486-1.tgz

Slackware -current package:
941eb35ade93da89e622cd19e852c799 cvs-1.11.17-i486-1.tgz

Installation instructions:

First, shut down the cvs server if you are running one.

Then, upgrade the package:
# upgradepkg cvs-1.11.17-i486-1.tgz

Finally, restart the CVS server.

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

No talkbacks posted.

Home | Search Talkbacks | Customize View

Top of Page

Enter your comments below:

All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Solutions

Whitepapers and eBooks

Microsoft Articles: Visual Studio 2010
Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
Microsoft Whitepaper: How Windows Server 2008 R2 Helps Optimize IT and Save You Money
Adobe Article: Java Developers Finding a Home at Adobe Flex
IBM Articles: A Smarter Business Needs Smarter Technology
Intel Xeon Processor Increases Server Efficiency and Capabilities
Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
Oracle Whitepapers - Innovation for IT Leaders
Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT
Internet.com eBook: IT Manager's Guide to Social Networking
Internet.com eBook: Get Ready for Windows 7
Microsoft Article: Expression Web 3--New Features for PHP Developers
Whitepapers: Manage Your Business Infrastracture with IBM
Whitepaper: Maximize Your Storage Investment with HP
Internet.com eBook: Becoming a Better Project Manager
Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Webcast: Connecting PHP to Microsoft Technologies
Video: Microsoft Partner Program Benefits
Video: Windows Azure Debugging Tips
SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports
IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
Video: Deploy Applications on Windows Azure
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Download: Microsoft Visual Studio 2010 Beta 2
Downloads & Free Trials: Microsoft's New Efficiency Resource Center
Get the Windows 7 SDK
Free Trial: Red Gate SQL Backup Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES