By Friday FreeBSD all the major Linux distributors, including Red Hat Inc., Debian, Suse Linux AG, MandrakeSoft SA, Slackware and Gentoo Software, had all issued patches for the versions of CVS (Concurrent Versioning System) packaged to run on their distributions, following an advisory published earlier this week by German security firm E-Matters. The firm also warned of a similar, more easily exploitable flaw in Subversion, a newer and less popular revision of CVS.
May 22, 2004
CVS flaw has Linux vendors rushing out patches
Linux vendors have rushed to distribute patches for a critical flaw in CVS, a widely used program for collaborating on software development, that could allow a malicious user unauthorized access to development code.