HEADS UP: CVS import

Matthew Dillon dillon at apollo.backplane.com
Mon Jan 19 09:10:34 PST 2004


:This release (1.11.11) has some security fixes, to know:
:
:Stable CVS 1.11.11 has been released. Stable releases contain only bug
:fixes from previous versions of CVS. This release adds code to the CVS
:server to prevent it from continuing as root after a user login, as an
:extra failsafe against a compromise of the CVSROOT/passwd file.
:Previously, any user with the ability to write the CVSROOT/passwd file
:could execute arbitrary code as the root user on systems with CVS
:pserver access enabled. We recommend this upgrade for all CVS servers!
:
:-- 
:Jeroen Ruigrok van der Werven <asmodai(at)wxs.nl> / asmodai / kita no mono
:PGP fingerprint: 2D92 980E 45FE 2C28 9DB7  9D88 97E6 839B 2EAC 625B
:http://www.tendra.org/   | http://diary.in-nomine.org/
:Don't try to find the Answer where there ain't no Question here...

    There are a bunch of FreeBSDisms that you have to commit, like 
    -g, -R, and -j to cvs diff.  And there are a ton more as well.

    Actually, it looks like you didn't commit any of the FreeBSD/DFly
    stuff!  Ouch!

    You will have to diff the FreeBSD changes from the FreeBSD source tree
    relative to the base dist they were running.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>





More information about the Kernel mailing list