Accepted cvs 1.11.1p1debian-9 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 06 Jan 2004 19:45:05 +0000
Source: cvs
Binary: cvs
Architecture: source i386
Version: 1.11.1p1debian-9
Distribution: stable-security
Urgency: high
Maintainer: Steve McIntyre <93sam@debian.org>
Changed-By: Steve McIntyre <93sam@debian.org>
Description:
cvs - Concurrent Versions System
Changes:
cvs (1.11.1p1debian-9) stable-security; urgency=high
.
* Upload by the new maintainer for a security release for several
vulnerabilities:
+ Back-ported fix from new upstream to fix potential file-creation
hole in modules parsing (CAN-2003-0977).
+ Applied repouid patch from http://www.wiggy.net/code/cvs-repouid/.
Pserver will no longer run as root; user mappings now controlled
by new config file /etc/cvs-repouids rather than CVSROOT/passwd.
+ Default umask changed for CVSROOT when running "cvs init".
+ Tightened permissions on cvs roots created by cvs-makerepos.
Files:
c4089836fe7f6b777920dd37d09e982d 681 devel optional cvs_1.11.1p1debian-9.dsc
74746359d1b7a9cd0459ddeaa6ec52a7 49416 devel optional cvs_1.11.1p1debian-9.diff.gz
6d7f9f5a8730595d9ad88560b7474816 1085664 devel optional cvs_1.11.1p1debian-9_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/+xHafDt5cIjHwfcRAkhWAJ9RqjA+nlH3vSxGZFjLti5yW6ku/wCfVd3R
ceFg/LmKGNSMciDZc0faxa0=
=a5/R
-----END PGP SIGNATURE-----
Accepted:
cvs_1.11.1p1debian-9.diff.gz
to pool/main/c/cvs/cvs_1.11.1p1debian-9.diff.gz
cvs_1.11.1p1debian-9.dsc
to pool/main/c/cvs/cvs_1.11.1p1debian-9.dsc
cvs_1.11.1p1debian-9_i386.deb
to pool/main/c/cvs/cvs_1.11.1p1debian-9_i386.deb
Reply to: