CVS 1.11.2 has broken pserver+compression and ssh_rsh=ssh support. When acting as a server it causes a blocking read to never exit. Please include an ebuild for CVS1.11 which is stable and does not have this problem as an alternative. 2343287 cvs-1.11.tar.gz 2002-05-09 dprice fd67a990423a0e9fa2fa1c3cf10f4356 Thanks
Ok... I tossed cvs 1.11.1_p1 back in with the redhat system zlib patch. I'm not confident enough (and I have no way of testing) to confirm your bug and that our older versions don't have it also. (If there are any "me toos" lurking, feel free to comment on this bug after its been closed and I'll reopen it). So for now I'm leaving the current version unmasked and offering the older as an alternative. BTW, 1.11 is not safe due to the fact it uses an internal version of gzip with known security issues (if my memory is correct)
A fix for this behavoir has been circulating since September and was committed to ccvs CVS a couple of weeks ago. Here's the patch: diff -ur cvs-1.11.2/src/buffer.c cvs-1.11.2-/src/buffer.c --- cvs-1.11.2/src/buffer.c 2001-08-10 07:26:35.000000000 +1200 +++ cvs-1.11.2-/src/buffer.c 2002-10-15 21:43:31.000000000 +1300 @@ -1378,8 +1378,7 @@ if (buf->input) { - if (! buf_empty_p (buf) - || getc (bc->fp) != EOF) + if (! buf_empty_p (buf)) { # ifdef SERVER_SUPPORT if (server_active) Here's the ccvs diff: http://ccvs.cvshome.org/source/browse/ccvs/src/buffer.c.diff?r1=1.19&r2=1.20
Created attachment 5562 [details, diff] Sorry, here's the patch.
Sorry, I'm inactive and these bugs should have been reassigned to someone else. Bouncing to bug-wranglers.
1.11.4 is out now with a fix for this, perhaps a bump is in order?
Bouncing back to bug-wranglers due to time constraints.
This bug will be fixed when a new ebuild to fix a security bug is committed shortly.
1.11.5 commited.