search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology International Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Linux And Martial Arts Humor - Linus Torvalds Vs. Chuck Norris Extending Nautilus, Scripting Your Way To UI Bliss Check Your Mysql Server Performance with MySQLTuner The Growth of the Newest Kubuntu Support Option Linux Game "System of Tomorrow" Ships in Two Weeks Anonymous Proxy Using Squid 3 On CentOS 5.x Install and Configure Cacti Monitoring Tool in Ubuntu 8.10 (Intrepid Ibex) Server SimplyMEPIS: The Best Desktop Linux You Haven't Tried Planning Extensions in TYPO3 How the Linux Kernel Manages Virtual Memory Sr. Developer, Backend Professional Technical Resources US-OR-Portland Post A Job | Post A Resume Slackware Linux Advisory: cvs Jun 10, 2004, 03 :59 UTC (0 Talkback[s]) (1744 reads) [slackware-security] cvs (SSA:2004-161-01) New cvs packages that have been upgraded to cvs-1.11.17 are available for Slackware 8.1, 9.0, 9.1, and -current to fix various security issues. Sites running a CVS server should upgrade to the new CVS package right away. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0414 Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Jun 9 11:35:15 PDT 2004 patches/packages/cvs-1.11.17-i486-1.tgz: Upgraded to cvs-1.11.17. From the cvs NEWS file: Thanks to Stefan Esser & Sebastian Krahmer, several potential security problems have been fixed. The ones which were considered dangerous enough to catalogue were assigned issue numbers CAN-2004-0416, CAN-2004-0417, & CAN-2004-0418 by the Common Vulnerabilities and Exposures Project. Please see <http://www.cve.mitre.org>; for more information. A potential buffer overflow vulnerability in the server has been fixed. This addresses the Common Vulnerabilities and Exposures Project's issue CAN-2004-0414. Please see <http://www.cve.mitre.org>; for more information. (* Security fix *) +--------------------------+ Where to find the new packages: Updated package for Slackware 8.1: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/cvs-1.11.17-i386-1.tgz Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/cvs-1.11.17-i386-1.tgz Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/cvs-1.11.17-i486-1.tgz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/cvs-1.11.17-i486-1.tgz MD5 signatures: Slackware 8.1 package: 66db824432943ba55f59a967bb873ddd cvs-1.11.17-i386-1.tgz Slackware 9.0 package: ae99eefc6ec2e86d4957839a0bbd09d6 cvs-1.11.17-i386-1.tgz Slackware 9.1 package: e87625033650b3cc89172931e5dd2af4 cvs-1.11.17-i486-1.tgz Slackware -current package: 941eb35ade93da89e622cd19e852c799 cvs-1.11.17-i486-1.tgz Installation instructions: First, shut down the cvs server if you are running one. Then, upgrade the package: # upgradepkg cvs-1.11.17-i486-1.tgz Finally, restart the CVS server. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP Search: Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia Jupitermedia Corporate Info Legal Notices, Licensing, Reprints, Permissions, Privacy Policy. Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers Solutions Whitepapers and eBooks Microsoft PDF: Top 11 Reasons to Upgrade to Windows Server 2008 Intel Podcast Transcript: Talking vPro Avaya Article: Communication-Enabled Mashups: Empowering Both Business Owners and IT Whitepaper: Building a Real-World Model to Assess Virtualization Platforms PDF: Intel Centrino Duo Processor Technology with Intel Core2 Duo Processor Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape? Go Parallel Article: Q&A with a TBB Junkie Microsoft Article: BitLocker Encryption on Windows Server 2008 Go Parallel Article: Intel Thread Checker, Meet 20 Million LOC IBM Whitepaper: Innovative Collaboration to Advance Your Business   Internet.com eBook: Real Life Rails IBM eBook: The Pros and Cons of Outsourcing Internet.com eBook: Best Practices for Developing a Web Site IBM CXO Whitepaper: The 2008 Global CEO Study "The Enterprise of the Future" Avaya Article: Call Control XML in Action - A CCXML Auto Attendant IBM CXO Whitepaper: Unlocking the DNA of the Adaptable Workforce--The Global Human Capital Study 2008 Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers HP eBook: Storage Networking , Part 1 MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Podcast: The Pro Platform - Intel vPro Technology Go Parallel Video: Intel(R) Threading Building Blocks: A New Method for Threading in C++ HP Video: Is Your Data Center Ready for a Real World Disaster? Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices HP On Demand Webcast: Virtualization in Action Go Parallel Video: Performance and Threading Tools for Game Developers   Rackspace Hosting Center: Customer Videos Intel vPro Developer Virtual Bootcamp HP Disaster-Proof Solutions eSeminar HP On Demand Webcast: Discover the Benefits of Virtualization MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Amyuni Download: PDF & XPS Engine for Your .NET and ActiveX Applications Acresso Download: Try InstallShield 2009 Microsoft Download: Silverlight 2 SDK 30-Day Trial: SPAMfighter Exchange Module   Red Gate Download: SQL Toolbelt Iron Speed Designer Application Generator Microsoft Download: Silverlight 2 Developer Runtime (Windows) MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Demo: Dual-Core Intel Itanium 2 Processor IBM IT Innovation Article: Green Servers Provide a Competitive Advantage   Microsoft Article: Making Designer/Developer Collaboration a Reality MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES