Description of problem: CAN-2003-0977 fix pushed for RH9, but not FC1 Version-Release number of selected component (if applicable): cvs-1.11.5-3 Additional info: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111221#c5 https://rhn.redhat.com/errata/RHSA-2004-003.html http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0081.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977
A rebuild from cvs-1.11.11-1 (or higher) from Fedora Development at Fedora Core 1 solves the problem, so maybe one of the Red Hat maintainers could do that? Would be very nice :) BTW: Maybe the kerberos 4 support has to be disabled.
Maybe that issue is fixed soon by one of the lazy maintainers with the current issue (see bug dependency)... :-(
Fixed with the current update from bug #120969 so this bug can be closed.