SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cvs-1.11.16-1.i586.rpm :
Thu May 20 14:00:00 2004 PLD Team
All persons listed below can be reached at AATTpld.org.pl

$Log: cvs.spec,v $
Revision 1.114.4.1 2004/05/20 13:55:45 kloczek
- release 1: backport for Ra.

Revision 1.114 2004/05/20 13:06:20 kloczek
- updated to 1.11.16
- SECURITY FIXES: CAN-2004-0396
A potential buffer overflow vulnerability in the server has been fixed.
Prior to this patch, a malicious client could potentially use carefully
crafted server requests to run arbitrary programs on the CVS server
machine.
- License changed to GPL v1.

Revision 1.113 2004/04/14 18:06:15 kloczek
- updated to 1.11.15,
- SECURITY FIXES:
Clients now check paths from the server to verify that they are within one
of the sandboxes the user requested be updated. Previously, a trojan
server could have written or overwritten files anywhere the user had
access, presenting a serious security risk.

Revision 1.112 2004/03/12 06:41:47 kloczek
- updated to 1.11.14.

Revision 1.111 2004/02/28 09:31:34 kloczek
- use strict Requires rules between subpackages.

Revision 1.110 2004/02/15 13:38:17 kloczek
- release 2.

Revision 1.109 2004/02/15 13:33:34 kloczek
- added am163 patch for allow build cvs also for Ra.

Revision 1.108 2004/02/15 13:31:15 kloczek
- updated to 1.11.13,
- SECURITY FIXES:
- Several memory leaks have been plugged.
- An unlikely potential segfault when using the :fork: connection method has
been fixed.
- A fix has been included that should avoid a very rare race condition that
could cause a CVS server to exit with a \"broken pipe\" message.

Revision 1.107 2004/02/15 12:46:30 kloczek
- updated to 1.11.12,
- SECURITY FIXES: CAN-2002-0844 CAN-2003-0977
A flaw was found in versions of CVS prior to 1.11.10 where a malformed
module request could cause the CVS server to attempt to create files or
directories at the root level of the file system. However, normal file
system permissions would prevent the creation of these misplaced
directories.

Revision 1.106 2003/10/13 23:46:08 kloczek
- updated to 1.11.9: bug fixes.

Revision 1.105 2003/10/10 18:18:52 kloczek
- use SUSv2 compliant chown syntax (user:group).

Revision 1.104 2003/10/07 04:47:12 kloczek
- updated to 1.11.8:
A problem in the CVS getpass library that could cause passwords to echo on
some systems has been fixed.

Revision 1.103 2003/10/01 01:22:25 kloczek
- added ac253 patch (ac 2.53 also can be used on regenerate current cvs ac suit).

Revision 1.102 2003/09/30 15:41:21 kloczek
- updated to 1.11.7: bug fixes only,
- removed tmprace patch (integrated in current version),
- new ipv6 patch.

Revision 1.101 2003/06/27 17:27:16 kloczek
- unifications and cleanups.

Revision 1.100 2003/01/21 08:25:59 qboosh
- more friendly Source0 URL

Revision 1.99 2003/01/20 23:51:54 kloczek
- updated to 1.11.5: fixes a major security vulnerability (CAN-2003-0015).

Revision 1.98 2003/01/18 13:25:09 qboosh
- added Obsoletes: for cvs-nserver packages

Revision 1.97 2003/01/17 20:09:39 qboosh
- up to 1.11.4
- removed obsolete libobj,chmod,ac,pserver-dos patches
- updated zlib,home_etc patches, added no_libnsl patch
- release 0.9 - need to check (especially home_etc)


  
ICM