DragonFly kernel List (threaded) for 2004-01
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: HEADS UP: CVS import

From:	Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date:	Mon, 19 Jan 2004 09:09:52 -0800 (PST)

:This release (1.11.11) has some security fixes, to know:
:
:Stable CVS 1.11.11 has been released. Stable releases contain only bug
:fixes from previous versions of CVS. This release adds code to the CVS
:server to prevent it from continuing as root after a user login, as an
:extra failsafe against a compromise of the CVSROOT/passwd file.
:Previously, any user with the ability to write the CVSROOT/passwd file
:could execute arbitrary code as the root user on systems with CVS
:pserver access enabled. We recommend this upgrade for all CVS servers!
:
:-- 
:Jeroen Ruigrok van der Werven <asmodai(at)wxs.nl> / asmodai / kita no mono
:PGP fingerprint: 2D92 980E 45FE 2C28 9DB7  9D88 97E6 839B 2EAC 625B
:http://www.tendra.org/   | http://diary.in-nomine.org/
:Don't try to find the Answer where there ain't no Question here...

    There are a bunch of FreeBSDisms that you have to commit, like 
    -g, -R, and -j to cvs diff.  And there are a ton more as well.

    Actually, it looks like you didn't commit any of the FreeBSD/DFly
    stuff!  Ouch!

    You will have to diff the FreeBSD changes from the FreeBSD source tree
    relative to the base dist they were running.

					-Matt
					Matthew Dillon 
					<dillon@xxxxxxxxxxxxx>

Follow-Ups:
- Re: HEADS UP: CVS import
  - From: Jeroen Ruigrok/asmodai

References:
- HEADS UP: CVS import
  - From: Jeroen Ruigrok/asmodai
- Re: HEADS UP: CVS import
  - From: Jeroen Ruigrok/asmodai

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]