Red Hat Inc. Information for VU#650937

Concurrent Versions System (CVS) server improperly deallocates memory



Vendor Statement

Red Hat Linux and Red Hat Linux Advanced Server shipped with a cvs package vulnerable to these issues. New cvs packages are now available along with our advisory at the URLs below. Users of the Red Hat Network can update their systems using the 'up2date' tool.

Red Hat Linux Advanced Server:

Red Hat Linux:

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References



    The CERT/CC has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.