Description of problem: Stable CVS 1.11.16 has been released. Version-Release number of selected component (if applicable): cvs-1.11.15-6 Actual results: Patch1: Has to re-enable (attached cvs-1.11.16-cvspass.patch) Patch5: Has to re-enable (attached cvs-1.11.16-extzlib2.patch) Patch6: Already included and can be removed Expected results: Upgrade to 1.11.16
Created attachment 100522 [details] cvs-1.11.16-cvspass.patch
Created attachment 100523 [details] cvs-1.11.16-extzlib2.patch
cvs 1.11.17 is released and fixes some security bugs: https://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.104&content-type=text/x-cvsweb-markup I'll make the corresponding patch merging soon, if it isn't done, yet.
Created attachment 101015 [details] cvs-1.11.17-cvspass.patch
Created attachment 101016 [details] cvs-1.11.17-extzlib2.patch
The update to cvs 1.11.17 fixes CAN-2004-0416, CAN-2004-0417, CAN-2004-0418 and CAN-2004-0414 (from upstream's changelog). This patches worked for me for rebuilds at RHL9, FC1, FC2 and RHEL3. Do FC1/2 get an update or "only" a patch?
Thank you for doing the update of cvs for FC1 and 2: http://www.redhat.com/archives/fedora-announce-list/2004-June/msg00018.html http://www.redhat.com/archives/fedora-announce-list/2004-June/msg00019.html