CVS: Heap-based overflow

Background CVS Concurrent Versions System is an open-source network-transparent version control system. It contains both a client utility and a server. Description A heap-based buffer overflow was discovered in the proxyconnect function in src/client.c in CVS. Impact An attacker, utilizing a remo...

kdebase -- Kate backup file permission leak

A KDE Security Advisory explains: Kate / Kwrite create a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. Depending on the system security settings, backup files might be readable by othe...