cvs security update

ID CESA-2005:756-01
Type centos
Reporter CentOS Project
Modified 2005-09-06T23:15:59


CentOS Errata and Security Advisory CESA-2005:756-01

CVS (Concurrent Version System) is a version control system.

An insecure temporary file usage was found in the cvsbug program. It is possible that a local user could leverage this issue to execute arbitrary instructions as the user running cvsbug. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2693 to this issue.

All users of cvs should upgrade to this updated package, which includes a patch to correct this issue.

Merged security bulletin from advisories:

Affected packages: cvs

Upstream details at: