[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Slackit.org] [slackware-security] New CVS packages available
From: |
Andrea Guarnaccia |
Subject: |
[Slackit.org] [slackware-security] New CVS packages available |
Date: |
Fri, 24 Jan 2003 14:50:41 +0100 (CET) |
Date: Tue, 21 Jan 2003 14:26:20 -0800 (PST)
From: Slackware Security Team <address@hidden>
To: address@hidden
Subject: [slackware-security] New CVS packages available
New cvs packages are available to fix a security vulnerability.
Here are the details from the Slackware 8.1 ChangeLog:
----------------------------
Tue Jan 21 13:12:20 PST 2003
patches/packages/cvs-1.11.5-i386-1.tgz: Upgraded to cvs-1.11.5.
This release fixes a major security vulnerability in the CVS server
by which users with read only access could gain write access.
Details should be available at this URL (but don't seem to be yet):
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015
(* Security fix *)
----------------------------
WHERE TO FIND THE NEW PACKAGE:
------------------------------
Updated cvs package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/cvs-1.11.5-i386-1.tgz
Updated cvs package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/cvs-1.11.5-i386-1.tgz
MD5 SIGNATURE:
--------------
Here is the md5sum for the package:
Slackware 8.1:
37d76c774c9474bf0117d429d6c3740e cvs-1.11.5-i386-1.tgz
Slackware -current:
c43d82187dfa695aa53aaf5b4d3050a1 cvs-1.11.5-i386-1.tgz
INSTALLATION INSTRUCTIONS:
--------------------------
As root, upgrade to the new cvs.tgz package:
# upgradepkg cvs.tgz
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Slackit.org] [slackware-security] New CVS packages available,
Andrea Guarnaccia <=