Fedora Legacy Update Advisory

Synopsis:          Updated cvs resolves security vulnerability
Advisory ID:       FLSA:1620
Issue date:        2004-06-02
Product:           Red Hat Linux
Keywords:          Security
Cross references:   
CVE Names:         CAN-2004-0180 CAN-2004-0396 CAN-2004-0405
- -----------------------------------------------------------------------


- ---------------------------------------------------------------------
1. Topic:

Updated cvs packages that fix remote denial of service vulnerabilities are 
now available.

2. Relevent releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9   - i386

3. Problem description:

Sebastian Krahmer discovered a flaw in CVS clients where rcs diff files can 
create files with absolute pathnames An attacker could create a fake 
malicious CVS server that would cause arbitrary files to be created or 
overwritten when a victim connects to it. The Common Vulnerabilities and 
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0180 to 
this issue.  (Note: Red Hat Linux 9 was already patched for this issue)

Derek Price discovered a vulnerability whereby a CVS pserver could be 
abused by a malicious client to view the contents of certain files outside 
of the CVS root directory using relative pathnames containing "../". The 
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned 
the name CAN-2004-0405 to this issue. (Note: Red Hat Linux 9 was already 
patched for this issue)

Stefan Esser discovered a flaw in cvs where malformed "Entry" lines could 
cause a heap overflow. An attacker who has access to a CVS server could 
use this flaw to execute arbitrary code under the UID which the CVS server 
is executing. The Common Vulnerabilities and Exposures project 
(cve.mitre.org) has assigned the name CAN-2004-0396 to this issue.

Users of CVS are advised to upgrade to these erratum packages, which 
contain a patch correcting this issue.

Fedora Legacy would like to thank David M. Kaplan for bringing these issues 
to our attention.

4. Solution:

Before applying this update, make sure all previously released errata 
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those 
RPMs which are currently installed will be updated.  Those RPMs which are 
not installed but included in the list will not be updated.  Note that you 
can also use wildcards (*.rpm) if your current directory *only* contains 
the desired RPMs.

Please note that this update is also available via yum and apt.  Many 
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate 
RPMs being upgraded on your system.  This assumes that you have yum or 
apt-get configured for obtaining Fedora Legacy content. Please visit  
 for directions on how to configure yum 
and apt-get.

5. Bug IDs fixed:
 
  - 1620 - Security problems found with CVS that 
need to be fixed.

6. RPMs required:

Red Hat Linux 7.3:

SRPM: 
 

i386: 
 

Red Hat Linux 9:

SRPM: 
 

i386: 
 


7. Verification:

SHA1 sum                                 Package Name
- ---------------------------------------------------------------------------

58069558fc24abfa50f2ac94327c8d06f234bbd9  
7.3/updates/SRPMS/cvs-1.11.1p1-14.legacy.3.src.rpm
523e9f69536d69ae5a8984f4327e35b32c38afdc  
7.3/updates/i386/cvs-1.11.1p1-14.legacy.3.i386.rpm

84027d8b84f72c675aeb15816034e86450534b62  
9/updates/SRPMS/cvs-1.11.2-23.legacy.src.rpm
e79bb82a8dca7a50cf51a72a85879bdbfa0b338d  
9/updates/i386/cvs-1.11.2-23.legacy.i386.rpm

These packages are GPG signed by Fedora Legacy for security.  Our key is 
available from    org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or 
tampered with, examine only the sha1sum with the following command:

    sha1sum 

8. References:
 
CVE -CVE-2004-0180 
CVE -CVE-2004-0396 
CVE -CVE-2004-0405 
https://access.redhat.com/errata/RHSA-2004:153.html 
https://access.redhat.com/errata/RHSA-2004:190.html 
 
 


9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More 
project details at   .org

Red Hat: cvs Denial of service vulnerabilities

Updated cvs packages that fix remote denial of service vulnerabilities are now available

Summary



Summary

Sebastian Krahmer discovered a flaw in CVS clients where rcs diff files can create files with absolute pathnames An attacker could create a fake malicious CVS server that would cause arbitrary files to be created or overwritten when a victim connects to it. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0180 to this issue. (Note: Red Hat Linux 9 was already patched for this issue) Derek Price discovered a vulnerability whereby a CVS pserver could be abused by a malicious client to view the contents of certain files outside of the CVS root directory using relative pathnames containing "../". The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0405 to this issue. (Note: Red Hat Linux 9 was already patched for this issue) Stefan Esser discovered a flaw in cvs where malformed "Entry" lines could cause a heap overflow. An attacker who has access to a CVS server could use this flaw to execute arbitrary code under the UID which the CVS server is executing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0396 to this issue. Users of CVS are advised to upgrade to these erratum packages, which contain a patch correcting this issue. Fedora Legacy would like to thank David M. Kaplan for bringing these issues to our attention.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit for directions on how to configure yum and apt-get.
5. Bug IDs fixed:
- 1620 - Security problems found with CVS that need to be fixed.
6. RPMs required:
Red Hat Linux 7.3:
SRPM:

i386:

Red Hat Linux 9:
SRPM:

i386:


7. Verification:
SHA1 sum Package Name
58069558fc24abfa50f2ac94327c8d06f234bbd9 7.3/updates/SRPMS/cvs-1.11.1p1-14.legacy.3.src.rpm 523e9f69536d69ae5a8984f4327e35b32c38afdc 7.3/updates/i386/cvs-1.11.1p1-14.legacy.3.i386.rpm
84027d8b84f72c675aeb15816034e86450534b62 9/updates/SRPMS/cvs-1.11.2-23.legacy.src.rpm e79bb82a8dca7a50cf51a72a85879bdbfa0b338d 9/updates/i386/cvs-1.11.2-23.legacy.i386.rpm
These packages are GPG signed by Fedora Legacy for security. Our key is available from org/about/security.php
You can verify each package with the following command:
rpm --checksig -v
If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:
sha1sum

References

CVE -CVE-2004-0180 CVE -CVE-2004-0396 CVE -CVE-2004-0405 https://access.redhat.com/errata/RHSA-2004:153.html https://access.redhat.com/errata/RHSA-2004:190.html

Package List


Severity
Advisory ID: FLSA:1620
Issued Date: : 2004-06-02
Product: Red Hat Linux
Keywords: Security
Cross references:
CVE Names: CAN-2004-0180 CAN-2004-0396 CAN-2004-0405

Topic


Topic

Updated cvs packages that fix remote denial of service vulnerabilities are

now available.

2. Relevent releases/architectures:

Red Hat Linux 7.3 - i386

Red Hat Linux 9 - i386


 

Relevant Releases Architectures


Bugs Fixed


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved