aru Posted December 9, 2003 Report Share Posted December 9, 2003 MandrakeSoft Security Advisory MDKSA-2003:112 : cvs December 8th, 2003 Updated cvs packages fix malformed module request vulnerability A vulnerability was discovered in the CVS server < 1.11.10 where a malformed module request could cause the CVS server to attempt to create directories and possibly files at the root of the filesystem holding the CVS repository. Updated packages are available that fix the vulnerability by providing CVS 1.11.10 on all supported distributions. The released versions of Mandrake GNU/Linux affected are: 9.0 9.1 9.2 Corporate Server 2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:112 Other references: http://ccvs.cvshome.org/servlets/NewsItemV...lets=8u3x1myav1 Posted automatically by aru (mdksec2mub v0.0.7) Link to comment Share on other sites More sharing options...
Recommended Posts