Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 89579

Summary: dev-util/cvs Multiple DoS issues
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: pylon
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard: B3 [glsa] jaervosz
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-04-18 14:12:04 UTC 
CVS Changelog entries for 2005-03-17 some of the initial issues reported are not fixed in kclockwork patch but in the public CVS tree:

https://ccvs.cvshome.org/source/browse/ccvs/src/ChangeLog?rev=1.3170&content-type=text/vnd.viewcvs-markup

Another issue:

https://ccvs.cvshome.org/issues/show_bug.cgi?id=224
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-04-18 14:12:57 UTC 
Pylon please advise.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-04-19 12:38:04 UTC 
1.11.20 is released. Pylon please bump.
Comment 3 Lars Weiler (RETIRED) gentoo-dev 2005-04-19 16:22:58 UTC 
I added cvs-1.11.20 and cvs-1.12.12 into portage.  Arches should test and make cvs-1.11.20 stable.

cvs-1.11.20:
current KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~ppc64 ~s390"
target  KEYWORDS="x86 ppc sparc mips alpha arm hppa amd64 ia64 ppc64 s390"


cvs-1.12.12:
current KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~ppc64 ~s390"
target nothing to be done here
Comment 4 Luke Macken (RETIRED) gentoo-dev 2005-04-19 17:32:30 UTC 
arches, please mark cvs-1.11.20 stable.
Comment 5 Gustavo Zacarias (RETIRED) gentoo-dev 2005-04-19 18:01:14 UTC 
sparc stable.
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2005-04-19 23:42:01 UTC 
stable on ppc64
Comment 7 Lars Weiler (RETIRED) gentoo-dev 2005-04-20 00:38:24 UTC 
Stable on ppc and x86.
Comment 8 Simon Stelling (RETIRED) gentoo-dev 2005-04-20 09:47:52 UTC 
amd64 done
Comment 9 Guy Martin (RETIRED) gentoo-dev 2005-04-20 13:06:08 UTC 
Stable on hppa.
Comment 10 Bryan Østergaard (RETIRED) gentoo-dev 2005-04-20 14:46:32 UTC 
Stable on alpha + ia64.
Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-04-22 04:51:17 UTC 
Resolved with GLSA 200504-16 Update

arm, mips, s390 remember to mark stable to benifit from the GLSA Update.
Comment 12 Joshua Kinard gentoo-dev 2005-06-29 19:18:01 UTC 
cvs-1.11.20 stable on mips.