lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1DOVah-0000Qb-S1@mercury.mandriva.com>
Date: Thu Apr 21 13:09:03 2005
From: security at mandriva.com (Mandriva Security Team)
Subject: MDKSA-2005:073 - Updated cvs packages fix
	vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           cvs
 Advisory ID:            MDKSA-2005:073
 Date:                   April 20th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A buffer overflow and memory access problem in CVS have been
 discovered by the CVS maintainer.  The updated packages have been
 patched to correct the problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 fcca52a87c10c21980b5bb82e4146cd7  10.0/RPMS/cvs-1.11.17-1.2.100mdk.i586.rpm
 3a8336cdfb01ebac7238dd2a90557cd0  10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 ebc0e0ca427a6a4af5e8cb3a02be6d10  amd64/10.0/RPMS/cvs-1.11.17-1.2.100mdk.amd64.rpm
 3a8336cdfb01ebac7238dd2a90557cd0  amd64/10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 26f8c84536a69f008748013d58fa9731  10.1/RPMS/cvs-1.11.17-2.1.101mdk.i586.rpm
 a78c97927dbf5531c72170c41a1b848c  10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 fc4c1cf58191170ddc0e0c3d93c943b4  x86_64/10.1/RPMS/cvs-1.11.17-2.1.101mdk.x86_64.rpm
 a78c97927dbf5531c72170c41a1b848c  x86_64/10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 bde89da06e586ed4b1540c74758b16be  10.2/RPMS/cvs-1.11.19-1.1.102mdk.i586.rpm
 3fbedcddb4d39abf1ea4197ab3ab8458  10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 4363551cd317f849f3a456ab6175db1e  x86_64/10.2/RPMS/cvs-1.11.19-1.1.102mdk.x86_64.rpm
 3fbedcddb4d39abf1ea4197ab3ab8458  x86_64/10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

 Corporate Server 2.1:
 2f8c375ffdf2a5c842fa28f317c50a62  corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.i586.rpm
 71bf64c5d64b7e7d8a051120f6fa3ea3  corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 0bbb0a61241de7ea552a22f1bcee49e2  x86_64/corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.x86_64.rpm
 71bf64c5d64b7e7d8a051120f6fa3ea3  x86_64/corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

 Corporate 3.0:
 64346680df70221e6c8340fecdd383a1  corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.i586.rpm
 1c5fd32822539582ce9f513f827d7697  corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 66cd15abb301b08dc0c00c06829e6d2e  x86_64/corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.x86_64.rpm
 1c5fd32822539582ce9f513f827d7697  x86_64/corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ05PmqjQ0CJFipgRAja0AKClud6aVXXzLf9H+4rKvmThSfueOACeMV9z
ycCUcaUBp3qQvvnfQoZzZTA=
=xn3B
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ