Lucene search

CentOS ProjectCESA-2005:756-01

HistorySep 06, 2005 - 11:15 p.m.

cvs security update

2005-09-0623:15:59

CentOS Project

lists.centos.org

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

16.0%

JSON

CentOS Errata and Security Advisory CESA-2005:756-01

CVS (Concurrent Version System) is a version control system.

An insecure temporary file usage was found in the cvsbug program. It is
possible that a local user could leverage this issue to execute arbitrary
instructions as the user running cvsbug. The Common Vulnerabilities and
Exposures project assigned the name CAN-2005-2693 to this issue.

All users of cvs should upgrade to this updated package, which includes a
patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-September/074285.html

Affected packages:
cvs

OSVersionArchitecturePackageVersionFilename
CentOS2i386cvs< 1.11.1p1-19cvs-1.11.1p1-19.i386.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	2	i386	cvs	< 1.11.1p1-19	cvs-1.11.1p1-19.i386.rpm

References

steadfast.net/

www.ict.swin.edu.au/staff/jnewbigin

rhn.redhat.com/errata/rh21as-errata.html

twitter.com/centos

www.facebook.com/groups/centosproject/

www.linkedin.com/groups/22405

www.reddit.com/r/CentOS/

youtube.com/TheCentOSProject

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

16.0%

JSON

Related for CESA-2005:756-01