Bug 111221
| Summary: | CAN-2003-0977 cvs file creation vulnerability | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Ville Skyttä <scop> |
| Component: | cvs | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 1 | CC: | redhat |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-01-13 20:18:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Ville Skyttä
2003-11-30 15:14:40 UTC
cvs 1.11.10, a security update, is out. Upgraded package available: http://cachalot.mine.nu/1/SRPMS.fdr/cvs-1.11.10-0.fdr.1.src.rpm Please consider applying this to FC1 and possibly earlier RH versions. I believe my package could be used as-is except for changing the 0.fdr.X Release tag to 1. looks like this one: http://ccvs.cvshome.org/servlets/NewsItemView?newsID=88 is also an issue. Update to 1.11.11: http://cachalot.mine.nu/1/SRPMS.fdr/cvs-1.11.11-0.fdr.1.src.rpm Well, I see there is an update in core/development so I'm pulling my package. I find the complete lack of comments in this issue somewhat disturbing though. An issue with security severity has sat in Bugzilla for a month now, no comments. In the future, could you please comment on Bugzilla entries like this in order to make it easier for people to avoid unnecessary work? redhat released an update for RH9, but not for FC1. as such, it's not clear to me why this ticket is closed. |