Description of problem: Stable CVS 1.11.15 has been released. Stable releases contain only bug fixes from previous versions of CVS. This version fixes serious security holes in both the client and the CVS server executables as well as fixing many other bugs, including some file resurrection issues. CVS-Home recommends this upgrade for all CVS clients and servers. Changelog: http://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev= 1.116.2.92&content-type=text/x-cvsweb-markup Version-Release number of selected component (if applicable): cvs-1.11.11-2 Actual results: Patch1: Has to re-enable (attached cvs-1.11.15-cvspass.patch) Patch5: Already included and can be removed Patch6: Has to re-enable Expected results: Upgrade to 1.11.15 Additional info: Red Hat Linux 9, Red Hat Linux Enterprise/Advanced Server and Fedora Core 1 aren't fixed against the security server and client issues.
Created attachment 99449 [details] Re-enabled patch 1 (cvspass) for cvs 1.11.15
IIRC RHL 9 and RHEL have had errata issued (RHSA-2004-153, RHSA-2004-154). For Fedora, we'll update to 1.11.15 all around.
Created attachment 99591 [details] Re-enabled patch 6 (extzlib2) for cvs 1.11.15
Thank you for updating cvs :)