Linux Today - Debian GNU/Linux Advisory: cvs

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices

Technology Jobs

LinuxToday Newsletters

Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com

Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

Current Newswire:

Malware devs embrace open-source

A tale of two distros: Ubuntu and Linux Mint

Raspberry Pi benchmarked against Beagleboard, low price is long term

20 popular Ubuntu Linux apps you may want to try

A Selection of the Very Best Open Source Tutorials and Tools

Android Ice Cream Sandwich ported to x86 tablets, netbooks and notebooks

SECURITY: Google Chrome 17 Improves Security

How to read a CSV file in Perl?

Red Hat Brings Gluster to Amazon Cloud

New Linux kernel fixes power-saving issues

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Post A Job | Post A Resume

:Debian GNU/Linux Advisory: cvs

Debian GNU/Linux Advisory: cvs
Jun 11, 2004, 03 :15 UTC (0 Talkback[s]) (2111 reads)

Debian Security Advisory DSA 517-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 10th, 2004 http://www.debian.org/security/faq

Package : cvs
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0414

Derek Robert Price discovered a potential buffer overflow vulnerability in the CVS server, based on a malformed Entry, which serves the popular Concurrent Versions System.

For the stable distribution (woody) this problem has been fixed in version 1.11.1p1debian-9woody6.

For the unstable distribution (sid) this problem has been fixed in version 1.12.8-1.

We recommend that you upgrade your cvs package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6.dsc
Size/MD5 checksum: 693 78cbaadcaaca26b6314519f07438f315
http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6.diff.gz
Size/MD5 checksum: 53411 8929158c0e561a3a9dfffb3fe139ebcc
http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian.orig.tar.gz
Size/MD5 checksum: 2621658 500965ab9702b31605f8c58aa21a6205

Alpha architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_alpha.deb
Size/MD5 checksum: 1178980 a0cbfe582bc24d6aeaabf73864cf5ea7

ARM architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_arm.deb
Size/MD5 checksum: 1105486 b72090d480345f2d53a9865508ccbde6

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_i386.deb
Size/MD5 checksum: 1086270 045983b8647b3c1ddfdf790f38827099

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_ia64.deb
Size/MD5 checksum: 1271230 345ffdefe2745de88627909480628d3c

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_hppa.deb
Size/MD5 checksum: 1147628 d13cf3f32407ec327dff62079825aa97

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_m68k.deb
Size/MD5 checksum: 1065934 61ace03fa7975fd2d16b52973635823a

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_mips.deb
Size/MD5 checksum: 1130030 a246813a0ec77d80ca670dd4d8b3cf6e

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_mipsel.deb
Size/MD5 checksum: 1131336 0e207672b627d0273967a98893d85afd

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_powerpc.deb
Size/MD5 checksum: 1116424 d43475e6515397d7b2cdabbf3841e4eb

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_s390.deb
Size/MD5 checksum: 1097264 547f092cf847da218eea35301575319c

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-9woody6_sparc.deb
Size/MD5 checksum: 1107512 c960e899d7e95b357a1fff411d86bd6e

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

No talkbacks posted.

Home | Search Talkbacks | Customize View

Top of Page

Enter your comments below:

All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

Terms of Service | Licensing & Permissions | Privacy Policy
About the Developer.com Network | Advertise

Terms of Service | Licensing & Permissions | Privacy Policy
About the IT Business Edge Network | Advertise

Acceptable Use Policy

Terms of Service | Licensing & Permissions | Privacy Policy
About the Developer.com Network | Advertise

Acceptable Use Policy

Terms of Service | Licensing & Permissions | Privacy Policy
About the IT Business Edge Network | Advertise