OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-web Date: 10-Jun-2005 20:22:22 Branch: HEAD Handle: 2005061019222200 Modified files: openpkg-web/security OpenPKG-SA-2005.007-cvs.txt Log: small cosmetics Summary: Revision Changes Path 1.2 +7 -6 openpkg-web/security/OpenPKG-SA-2005.007-cvs.txt ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-web/security/OpenPKG-SA-2005.007-cvs.txt ============================================================================ $ cvs diff -u -r1.1 -r1.2 OpenPKG-SA-2005.007-cvs.txt --- openpkg-web/security/OpenPKG-SA-2005.007-cvs.txt 18 May 2005 14:58:07 -0000 1.1 +++ openpkg-web/security/OpenPKG-SA-2005.007-cvs.txt 10 Jun 2005 18:22:22 -0000 1.2 @@ -3,7 +3,7 @@ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [EMAIL PROTECTED] [EMAIL PROTECTED] -OpenPKG-SA-2005.007 18-Apr-2005 +OpenPKG-SA-2005.007 10-Jun-2005 ________________________________________________________________________ Package: cvs @@ -18,11 +18,12 @@ Dependent Packages: none Description: - According to a Debian bug report [0], a denial of service vulnerability - exists in the embedded ZLib [1] compression logic of CVS. The problem - involves incorrect error handling in the inflate() and inflateBack() - functions. The Common Vulnerabilities and Exposures (CVE) project - assigned the identifier CAN-2004-0797 [2] to the problem. + According to a Debian bug report [0], a Denial of Service (DoS) + vulnerability exists in the embedded ZLib [1] compression logic of + the Concurrent Versions Systems (CVS). The problem involves incorrect + error handling in the inflate() and inflateBack() functions. The + Common Vulnerabilities and Exposures (CVE) project assigned the + identifier CAN-2004-0797 [2] to the problem. Please check whether you are affected by running "<prefix>/bin/openpkg rpm -q cvs". If you have the "cvs" package installed and its version @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org