freebsd-dev

FreeBSD src

Go to file

Jacques Vidrine c8ae5f0562 Incorporate two security fixes from later versions of CVS. From the NEWS file of cvs 1.11.11: * pserver can no longer be configured to run as root via the $CVSROOT/CVSROOT/passwd file, so if your passwd file is compromised, it no longer leads directly to a root hack. Attempts to root will also be logged via the syslog. * Malformed module requests could cause the CVS server to attempt to create directories and possibly files at the root of the filesystem holding the CVS repository. Filesystem permissions usually prevent the creation of these misplaced directories, but nevertheless, the CVS server now rejects the malformed requests. Obtained from: ccvs.cvshome.org	2004-01-21 16:27:56 +00:00
contrib/cvs	Incorporate two security fixes from later versions of CVS.	2004-01-21 16:27:56 +00:00
gnu/usr.bin/cvs	recording cvs-1.6 file death	1995-12-30 19:02:48 +00:00

Jacques Vidrine c8ae5f0562 Incorporate two security fixes from later versions of CVS.

From the NEWS file of cvs 1.11.11:

  * pserver can no longer be configured to run as root via the
    $CVSROOT/CVSROOT/passwd file, so if your passwd file is
    compromised, it no longer leads directly to a root hack.  Attempts
    to root will also be logged via the syslog.

  * Malformed module requests could cause the CVS server to attempt
    to create directories and possibly files at the root of the
    filesystem holding the CVS repository.  Filesystem permissions
    usually prevent the creation of these misplaced directories, but
    nevertheless, the CVS server now rejects the malformed requests.

Obtained from:	ccvs.cvshome.org

2004-01-21 16:27:56 +00:00

contrib/cvs

Incorporate two security fixes from later versions of CVS.

2004-01-21 16:27:56 +00:00

gnu/usr.bin/cvs

recording cvs-1.6 file death

1995-12-30 19:02:48 +00:00