
[PLSN-0005] new cvs package available



---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0005
April 22, 2005

Buffer overflow, memory leaks, and NULL pointer dereference in CVS
CAN-2005-0753, http://www.cvshome.org/
---------------------------------------------------------------------------

The following Peachtree Linux releases are affected:

   Peachtree Linux release 1 ("Atlanta")

Description:

   From the CVS changelog:

   Thanks to a report from Alen Zukich <alen.zukich@xxxxxxxxxxxx>, several
   minor security issues have been addressed.  One was a buffer overflow
   that is potentially serious but which may not be exploitable, assigned
   CAN-2005-0753 by the Common Vulnerabilities and Exposures Project
   <http://www.cve.mitre.org>.  Other fixes resulting from Alen's report
   include repair of an arbitrary free with no known exploit and several
   plugged memory leaks and potentially freed NULL pointers which may have
   been exploitable for a denial of service attack.

   Thanks to a report from Craig Monson <craig@xxxxxxxxxxxxxxx>, minor
   potential vulnerabilities in the contributed Perl scripts have been
   fixed.  The confirmed vulnerability could allow the execution of
   arbitrary code on the CVS server, but only if a user already had commit
   access and if one of the contrib scripts was installed improperly, a
   condition which should have been quickly visible to any administrator.
   The complete description of the problem is here:
   <https://ccvs.cvshome.org/issues/show_bug.cgi?id=224>.  If you were
   making use of any of the contributed trigger scripts on a CVS server,
   you should probably still replace them with the new versions, to be on
   the safe side.

   Unfortunately, our fix is incomplete.  Taint-checking has been enabled
   in all the contributed Perl scripts intended to be run as trigger
   scripts, but no attempt has been made to ensure that they still run in
   taint mode.  You will most likely have to tweak the scripts in some way
   to make them run.  Please send any patches you find necessary back to
   <bug-cvs@xxxxxxx> so that we may again ship fully enabled scripts in
   the future.

   You should also make sure that any home-grown Perl scripts that you
   might have installed as CVS triggers also have taint-checking enabled.
   This can be done by adding `-T' on the scripts' #! lines.  Please try
   running `perldoc perlsec' if you would like more information on
   general Perl security and taint-checking.
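
An added example, not part of the CVS changelog or of this advisory: a shell
check for the `-T' switch described above, run over a directory of scripts.
The function names are made up for this example. It also reports lowercase
`-t', which in Perl 5.8 and later only warns about tainted data.

```shell
#!/bin/sh
# Added example. taint_status FILE prints one of:
#   enforced   -T present: unsafe use of tainted data is a fatal error
#   warn-only  only -t present: perl warns but carries on
#   missing    perl script with no taint switch on its #! line
#   not-perl   first line is not a perl #! line
taint_status() {
    first=
    IFS= read -r first < "$1" || :      # no trailing newline still fills $first
    case $first in '#!'*) ;; *) echo not-perl; return 0 ;; esac
    seen_perl=no status=missing
    set -f                              # no globbing while splitting the line
    for word in ${first#??}; do
        if [ "$seen_perl" = no ]; then  # skip /usr/bin/env and the like
            case ${word##*/} in perl*) seen_perl=yes ;; esac
            continue
        fi
        case $word in -*) ;; *) break ;; esac
        # Cut the cluster at the first switch that takes an argument
        # (-I, -M, -e, -i, ...), so "-I/opt/Tools" is not read as -T.
        flags=${word#-}
        flags=${flags%%[IMmeEFixdDCV]*}
        case $flags in
            *T*) status=enforced ;;
            *t*) [ "$status" = enforced ] || status=warn-only ;;
        esac
    done
    set +f
    if [ "$seen_perl" = yes ]; then echo "$status"; else echo not-perl; fi
}

# audit_triggers DIR: list perl scripts in DIR that do not enforce taint
# checks; returns 1 if any were found, 0 otherwise.
audit_triggers() {
    rc=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        s=$(taint_status "$f")
        case $s in missing|warn-only) echo "$f: $s"; rc=1 ;; esac
    done
    return "$rc"
}

# Run against the directory given on the command line (no default path
# is assumed; pass the directory holding your own trigger scripts).
[ $# -eq 0 ] || audit_triggers "$1"
```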

Packages:

   alpha
      177d487f2b06c39b844fa934609bed73  cvs-1.11.20.alpha.dist

   i386
      007de7131e2eb367b0f88b7f336052ed  cvs-1.11.20.i686.dist

   ppc
      81ebb3159903205c189f808368d20dc5  cvs-1.11.20.ppc.dist

Solution:

   Download the appropriate package for your release of Peachtree Linux.
   Upgrade your system to the new package:

      distadd -u packagename

   where packagename is the name of the package file from the list above.

   After upgrading the cvs package, you'll want to kill and restart any
   server processes you have running.

-- 
Peachtree Linux Security Team
http://peachtree.burdell.org/
