Advisories | Mandriva

Package name	cvs
Date	April 20th, 2005
Advisory ID	MDKSA-2005:073
Affected versions	10.0, 10.1, CS2.1, CS3.0, 10.2

Problem Description

A buffer overflow and memory access problem in CVS have been
discovered by the CVS maintainer. The updated packages have been
patched to correct the problem.

Updated Packages

Mandrakelinux 10.0

 fcca52a87c10c21980b5bb82e4146cd7  10.0/RPMS/cvs-1.11.17-1.2.100mdk.i586.rpm
3a8336cdfb01ebac7238dd2a90557cd0  10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64

 ebc0e0ca427a6a4af5e8cb3a02be6d10  amd64/10.0/RPMS/cvs-1.11.17-1.2.100mdk.amd64.rpm
3a8336cdfb01ebac7238dd2a90557cd0  amd64/10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.1

 26f8c84536a69f008748013d58fa9731  10.1/RPMS/cvs-1.11.17-2.1.101mdk.i586.rpm
a78c97927dbf5531c72170c41a1b848c  10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64

 fc4c1cf58191170ddc0e0c3d93c943b4  x86_64/10.1/RPMS/cvs-1.11.17-2.1.101mdk.x86_64.rpm
a78c97927dbf5531c72170c41a1b848c  x86_64/10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Corporate Server 2.1

 2f8c375ffdf2a5c842fa28f317c50a62  corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.i586.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3  corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64

 0bbb0a61241de7ea552a22f1bcee49e2  x86_64/corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.x86_64.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3  x86_64/corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate Server 3.0

 64346680df70221e6c8340fecdd383a1  corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.i586.rpm
1c5fd32822539582ce9f513f827d7697  corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 66cd15abb301b08dc0c00c06829e6d2e  x86_64/corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.x86_64.rpm
1c5fd32822539582ce9f513f827d7697  x86_64/corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm

Mandriva Linux LE2005

 bde89da06e586ed4b1540c74758b16be  10.2/RPMS/cvs-1.11.19-1.1.102mdk.i586.rpm
3fbedcddb4d39abf1ea4197ab3ab8458  10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

Mandriva Linux LE2005/X86_64

 4363551cd317f849f3a456ab6175db1e  x86_64/10.2/RPMS/cvs-1.11.19-1.1.102mdk.x86_64.rpm
3fbedcddb4d39abf1ea4197ab3ab8458  x86_64/10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

		rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.