Debian Information for VU#650937
Concurrent Versions System (CVS) server improperly deallocates memory
- Vendor Information Help Date Notified: 20 Jan 2003
- Statement Date:
- Date Updated: 22 Jan 2003
Status
Affected
Vendor Statement
Debian has updated their distribution with DSA 233.
http://www.debian.org/security/2003/dsa-233
For the stable distribution (woody) this problem has been fixed in version 1.11.1p1debian-8.1.
For the old stable distribution (potato) this problem has been fixed in version 1.10.7-9.2.
For the unstable distribution (sid) this problem will be fixed soon.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.