Lucene search

Https://packages.altlinux.org/en/sisyphus/security/4ABF87B7DC675496BDC64B96F5BAC565

HistoryDec 03, 2010 - 12:00 a.m.

Security fix for the ALT Linux 5 package cvs version 1.11.23-alt4

2010-12-0300:00:00

https://packages.altlinux.org/en/sisyphus/security/

packages.altlinux.org

0.0004 Low

EPSS

Percentile

10.1%

JSON

Dec. 3, 2010 Dmitry V. Levin 1.11.23-alt4

- Applied upstream fix to an array index error, leading to a heap-based
  buffer overflow, found in the way CVS applied certain delta fragment
  changes from input files in the RCS (Revision Control System) file
  format.  If an attacker in control of a CVS repository stored a
  specially-crafted RCS file in that repository, this could result in
  arbitrary code execution with the privileges of the CVS server process
  on the system hosting the CVS repository when a remote user eventually
  checks out a revision of the affected file.
  Special thanks to Owl for the description.
  (CVE-2010-3846; closes: [#24468](&lt;https://bugzilla.altlinux.org/24468&gt;)).

OSVersionArchitecturePackageVersionFilename
ALT Linux5srccvs-1.11.23-alt3.m50p.1.src.rpm< 1.11.23-alt4cvs-1.11.23-alt3.M50P.1.src.rpm
ALT Linux5x86_64cvs-1.11.23-alt3.m50p.1.x86_64.rpm< 1.11.23-alt4cvs-1.11.23-alt3.M50P.1.x86_64.rpm
ALT Linux5i586cvs-1.11.23-alt3.m50p.1.i586.rpm< 1.11.23-alt4cvs-1.11.23-alt3.M50P.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
ALT Linux	5	src	cvs-1.11.23-alt3.m50p.1.src.rpm	< 1.11.23-alt4	cvs-1.11.23-alt3.M50P.1.src.rpm
ALT Linux	5	x86_64	cvs-1.11.23-alt3.m50p.1.x86_64.rpm	< 1.11.23-alt4	cvs-1.11.23-alt3.M50P.1.x86_64.rpm
ALT Linux	5	i586	cvs-1.11.23-alt3.m50p.1.i586.rpm	< 1.11.23-alt4	cvs-1.11.23-alt3.M50P.1.i586.rpm