[CLA-2003:561] Conectiva Linux Security Announcement - cvs

From: secure@conectiva.com.br
Date: 01/23/03

Next message: Gary H. Jones II: "DoS in Hotsync Manager (with network hotsync enabled)"

Previous message: Martin Schulze: "[SECURITY] [DSA 239-1] New kdesdk packages fix several vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 23 Jan 2003 14:06:07 -0200
To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org
From: secure@conectiva.com.br

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : cvs
SUMMARY : Update: cvs remote double free() vulnerability
DATE : 2003-01-23 10:54:00
ID : CLA-2003:561
RELEVANT
RELEASES : 6.0, 7.0, 8

- -------------------------------------------------------------------------

DESCRIPTION
CVS is a version control system largely used in software projects.

During a code audit, Stefan Esser discovered a double free()
vulnerability[2][3] in the CVS code. This vulnerability can be
exploited by remote users, authenticated or anonymous, to execute
arbitrary commands on the server.

Please note that users with write access to CVS (the so called
"commiters") usually already have shell access on the server, or can
easily get shell access as has already been discussed elsewhere[4].

Besides fixing the double free vulnerability, the new packages
provided with this update now have the Checkin-prog and Update-prog
commands disabled.

UPDATE
The previous CVS update (CLSA-2003:560), while indeed fixing the
security vulnerability, introduced problems which prevented it from
being used due to the way the Checkin-prog and Update-prog commands
where disabled. This has now been fixed.

SOLUTION
It is recommended that all CVS administrators upgrade their packages
immediately.

REFERENCES
1. http://www.cvshome.org/
2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015
3. http://security.e-matters.de/advisories/012003.html
4. http://online.securityfocus.com/archive/1/72584
5. http://bugzilla.conectiva.com/show_bug.cgi?id=7507

ADDITIONAL INSTRUCTIONS
Users of Conectiva Linux version 6.0 or higher may use apt to perform
upgrades of RPM packages:

- run: apt-get update
- after that, execute: apt-get upgrade

Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+MBLu42jd0JmAcZARApo8AKDKkKCiakoMGN50SmS26obBUn2/VgCg4vAB
g4r9oSn0j9g4KTo3q2LQH98=
=rn0z
-----END PGP SIGNATURE-----

Next message: Gary H. Jones II: "DoS in Hotsync Manager (with network hotsync enabled)"
Previous message: Martin Schulze: "[SECURITY] [DSA 239-1] New kdesdk packages fix several vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[CLA-2003:727] Conectiva Security Announcement - sendmail
... determined whether this vulnerability can be used to execute remote ... It is recommended that all sendmail users upgrade their packages. ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:768] Conectiva Security Announcement - fileutils
... Denial of service vulnerability ... All users should upgrade. ... The apt tool can be used to perform RPM packages upgrades: ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:614] Conectiva Security Announcement - sendmail
... SUMMARY: Buffer overflow vulnerability ... All sendmail users should upgrade immediately. ... UPDATED PACKAGES ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:750] Conectiva Security Announcement - proftpd
... PACKAGE: proftpd ... this vulnerability to execute arbitrary code with root privileges. ... The apt tool can be used to perform RPM packages upgrades: ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:672] Conectiva Security Announcement - unzip
... SUMMARY: Directory transversal vulnerability ... unzip is a program widely used for the distribution of multiple files ... The apt tool can be used to perform RPM packages upgrades: ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)