Bug 53408 - dev-util/cvs More vulnerabilities
|
Bug#:
53408
|
Product: Gentoo Linux
|
Version: unspecified
|
Platform: All
|
|
OS/Version: All
|
Status: RESOLVED
|
Severity: major
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: jaervosz@gentoo.org
|
|
Component: Security
|
|
|
URL:
http://security.e-matters.de/advisories/092004.html
|
|
Summary: dev-util/cvs More vulnerabilities
|
|
Keywords:
|
|
Status Whiteboard: B1 [stable]
|
|
Opened: 2004-06-09 07:02 0000
|
Stefan Esser discovered more bugs in CVS see link for further info.
Advisory: More CVS remote vulnerabilities
Release Date: 2004/06/09
Last Modified: 2004/06/09
Author: Stefan Esser [s.esser@e-matters.de]
Application: CVS feature release <= 1.12.8
CVS stable release <= 1.11.16
Severity: Vulnerabilities within CVS allow remote compromise of
CVS servers.
Risk: Critical
Vendor Status: Vendor has released bugfixed versions.
Reference: http://security.e-matters.de/advisories/092004.html
*** Bug 53411 has been marked as a duplicate of this bug. ***
From: Stefan Esser <s.esser@e-matters.de>
To: Ned Ludd <solar@gentoo.org>
Subject: Re: [Full-Disclosure] Advisory 09/2004: More CVS remote vulnerabilities
Date: Wed, 9 Jun 2004 17:19:11 +0200
> For the sake of clarity could you state exactly which version(s) are
> fixed.
>
> cvshome seems to have no >=1.11.17 for a stable branch.
>
The problem is that a coordinated release was planned for today 13:00 GMT
but obvioulsy Derek Robert Price forgot to put them up. Meanwhile I have
heard that within the next 60 minutes the new versions are out.
Stefan Esser
I will immediatly test and put it into the tree then.
cvs-1.11.17 committed.
Stable on x86, ~ on all other architectures.
Please test and mark stable asap, I'd like to remove <=1.11.16 from the tree then.
CAN numbers :
CAN-2004-0414 - no-null-termination of "Entry" lines
CAN-2004-0416 - error_prog_name "double-free()"
CAN-2004-0417 - Argument integer overflow
CAN-2004-0418 - serve_notify() out of bounds writes
Note that if you have the doc useflag set, the ebuild will currently fail to
download all of the files as the .ps version of the cederqvist doc redirects
you to a secure website. Even though wget was built with ssl support, it gives
the following error;
>>> Downloading http://ccvs.cvshome.org/files/documents/19/196/cederqvist-1.11.17.ps
https: Unknown host
Granted this isn't a show stopper but I thought people should be aware. I'm
not on the CC so if you want to reply to me either add me or do it offline.
Cheers
The ebuild in CVS is still ~amd64. I suppose the stable keyword was lost
somewhere.
amd64 please confirm...
Once amd64 is confirmed the GLSA is ready to go.
Confirming... i'm just still wondering why and how i forgot to commit ?!?
[I double checked, it's really in now ;-) ]
Still not stable on arm, ia64, ppc64 and s390.
Will hunt down some individuals now ;-)
cvs-1.11.17 stable on all architectures now
