MDKSA-2004:058
- Package name: cvs
- Date: 2004-06-09
- Advisory ID: MDKSA-2004:058
- Affected versions: 9.2 amd64, CS2.1 x86_64, 10.0 amd64, CS2.1 i586, 10.0 i586, 9.2 i586, 9.1 i586, 9.1 i586
Problem description
The cvs development team discovered another vulnerability related to "Entry" lines in cvs (CAN-2004-0414). In addition, Stefan Esser and Sebastian Krahmer audited the cvs source code and discovered a number of other problems, including:
- A double-free condition in the server code is exploitable (CAN-2004-0416).
- By sending a large number of arguments to the CVS server, it is possible to cause it to allocate a huge amount of memory which does not fit into the address space, causing an error (CAN-2004-0417).
- The serve_notify() function would write data out of bounds (CAN-2004-0418).

The provided packages update cvs to 1.11.16 and include patches to correct all of these problems.
Updated packages
9.2 amd64
- 43ef377093ecf7a6d9034ad60993827a amd64/9.2/RPMS/cvs-1.11.16-1.1.92mdk.amd64.rpm
- 8a4973fd2577fb20bf5fcec3d5081c4d amd64/9.2/SRPMS/cvs-1.11.16-1.1.92mdk.src.rpm
CS2.1 x86_64
- 8185d289207e8357abb251a1ca3f571d x86_64/corporate/2.1/RPMS/cvs-1.11.16-1.1.C21mdk.x86_64.rpm
- bb46882dbf757203299558ce1cfde165 x86_64/corporate/2.1/SRPMS/cvs-1.11.16-1.1.C21mdk.src.rpm
10.0 amd64
- 5460c0dcc9d535d4813f999e0ffa9f85 amd64/10.0/RPMS/cvs-1.11.16-1.1.100mdk.amd64.rpm
- 0f095c91db34af290ceba3dc9df6aa6c amd64/10.0/SRPMS/cvs-1.11.16-1.1.100mdk.src.rpm
CS2.1 i586
- e46d86d0b5641c4a73ec5160acf17204 corporate/2.1/RPMS/cvs-1.11.16-1.1.C21mdk.i586.rpm
- bb46882dbf757203299558ce1cfde165 corporate/2.1/SRPMS/cvs-1.11.16-1.1.C21mdk.src.rpm
10.0 i586
- 1a502935f4df6e42c85ff1fb1ef27d30 10.0/RPMS/cvs-1.11.16-1.1.100mdk.i586.rpm
- 0f095c91db34af290ceba3dc9df6aa6c 10.0/SRPMS/cvs-1.11.16-1.1.100mdk.src.rpm
9.2 i586
- c78ec66461805bae870f32fc42a40c7c 9.2/RPMS/cvs-1.11.16-1.1.92mdk.i586.rpm
- 8a4973fd2577fb20bf5fcec3d5081c4d 9.2/SRPMS/cvs-1.11.16-1.1.92mdk.src.rpm
9.1 i586
- ec87f6b23f81a443057383e7181ae61f 9.1/RPMS/cvs-1.11.16-1.1.91mdk.i586.rpm
- 18e7ac2121ddde681ee4bd52780a0399 9.1/SRPMS/cvs-1.11.16-1.1.91mdk.src.rpm
9.1 i586
- f63540702537363c388fcccbe7786cd6 ppc/9.1/RPMS/cvs-1.11.16-1.1.91mdk.ppc.rpm
- 18e7ac2121ddde681ee4bd52780a0399 ppc/9.1/SRPMS/cvs-1.11.16-1.1.91mdk.src.rpm
