cvs-1.11.22-11.AXS3.1

エラータID: AXSA:2012-268:01

Release date: 
Wednesday, March 7, 2012 - 12:43
Subject: 
cvs-1.11.22-11.AXS3.1
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

CVS (Concurrent Versions System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred.
CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release.
Security issues fixed with this release:
CVE-2012-0804
No information available at the time of writing, please refer to the CVE links below.

Solution: 

Update packages.

CVEs: 
CVE-2012-0804
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.


Additional Info: 

N/A

Download: 

SRPMS
  1. cvs-1.11.22-11.AXS3.1.src.rpm
    MD5: 1e3963dce5f7988888cc70f287a3ccdb
    SHA-256: 478e0c66d552dba50345963202813b47d41772331bef304167eb7f99fd8ba718
    Size: 2.84 MB

Asianux Server 3 for x86
  1. cvs-1.11.22-11.AXS3.1.i386.rpm
    MD5: d038c2bf96331963d5814f10286ba240
    SHA-256: ea8d2a63bdef991004e4d4645df3c8d814616255157f15ad0066df125b2486bd
    Size: 727.42 kB

Asianux Server 3 for x86_64
  1. cvs-1.11.22-11.AXS3.1.x86_64.rpm
    MD5: 154dc9cce94200d2dea8a05286cdcfa7
    SHA-256: 78d5ea15b1487eb7e3023483ed1142ac4ce5808b3d9b07a0ed228d437b44748b
    Size: 739.10 kB