-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200301-12 - - -------------------------------------------------------------------- PACKAGE : cvs SUMMARY : arbitrary code execution DATE : 2003-01-21 09:43 UTC EXPLOIT : remote - - -------------------------------------------------------------------- - From advisory: "By sending a malformed directory name it is possible to trigger an error condition that will make the function return at a point where a global pointer variable is already freed and has not got a new value assigned yet. This will result in a classical double-free() when the next Directory request is handled. With the help of other CVS requests it is possible to either leak some information that could be used to determine the heap position or to execute arbitrary code on systems that are known to be vulnerable to this kind of bugs." Read the full advisory at http://security.e-matters.de/advisories/012003.html SOLUTION It is recommended that all Gentoo Linux users who are running dev-util/cvs upgrade to cvs-1.11.5 as follows: emerge sync emerge -u cvs emerge clean - - -------------------------------------------------------------------- alizat_private - GnuPG key is available at www.gentoo.org/~aliz - - -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+LRY6fT7nyhUpoZMRAiBIAJ91/tvXho7+GOu900QZGfV+SBJR8wCfTL0T LgVJdmrUqKbXzkiUpd28QII= =Tui9 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 14:37:44 PST