- Issued:
- 2012-09-21
- Updated:
- 2013-02-20
RHBA-2012:1302 - Bug Fix Advisory
Synopsis
cvs bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated cvs package that fixes two bugs is now available for Red Hat
Enterprise Linux 6.
[Update 19 November 2012]
The file list of this advisory was updated to move the new cvs-inetd package
from the base repository to the optional repository in the Client and HPC Node
variants. No changes have been made to the packages themselves.
Description
The Concurrent Versions System (CVS) is a version control system that can record
the history of your files. CVS only stores the differences between versions,
instead of every version of every file you have ever created. CVS also keeps a
log of who, when, and why changes occurred.
- Prior to this update, the C shell (csh) did not set the CVS_RSH environment
variable to "ssh" and the remote shell (rsh) was used instead when the users
accessed a remote CVS server. As a consequence, the connection was vulnerable to
attacks because the remote shell is not encrypted or not necessarily enabled on
every remote server. The cvs.csh script now uses valid csh syntax and the
CVS_RSH environment variable is properly set at log-in. (BZ#671145)
- Prior to this update, the xinetd package was not a dependency of the cvs
package. As a result, the CVS server was not accessible through network. With
this update, the cvs-inetd package, which contains the CVS inetd configuration
file, ensures that the xinetd package is installed as a dependency and the
xinetd daemon is available on the system. (BZ#695719)
All users of cvs are advised to upgrade to these updated packages, which fix
these bugs.
Solution
Before applying this update, make sure all previously-released errata relevant
to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
Fixes
- BZ - 671145 - /etc/profile.d/cvs.csh uses non-tcsh syntax
- BZ - 695719 - services that depend on /etc/xinetd.d/ scripts do not list xinetd as a dependency
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
s390x | |
cvs-1.11.23-15.el6.s390x.rpm | SHA-256: 7f6cd71a19478979e3100ec1b09e9260e4cd49ba2e7736a619409423c7764b0f |
cvs-debuginfo-1.11.23-15.el6.s390x.rpm | SHA-256: 149f2bcaac5af83ba80413a1bc6a2d58f3f076780ad50117f4c5af9ba296ab2a |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
ppc64 | |
cvs-1.11.23-15.el6.ppc64.rpm | SHA-256: 9db809e0adaac19e5c9555c86685ae25ca4f07591e2a025f81889c181b9673e0 |
cvs-debuginfo-1.11.23-15.el6.ppc64.rpm | SHA-256: ff77956dfd1d2eec4b53f9d91beda2f1f05f2aa4d483107f5ccf6955a8baef19 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Server from RHUI 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
s390x | |
cvs-1.11.23-15.el6.s390x.rpm | SHA-256: 7f6cd71a19478979e3100ec1b09e9260e4cd49ba2e7736a619409423c7764b0f |
cvs-debuginfo-1.11.23-15.el6.s390x.rpm | SHA-256: 149f2bcaac5af83ba80413a1bc6a2d58f3f076780ad50117f4c5af9ba296ab2a |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
x86_64 | |
cvs-1.11.23-15.el6.x86_64.rpm | SHA-256: 53acfd99e823c75f2dbdc74cfa1dc9de39f05b16b98853fe0858832f6784964a |
cvs-debuginfo-1.11.23-15.el6.x86_64.rpm | SHA-256: da32218617e88228f74eb4d691a3ff5d4e697f870af1e75738c2bff63a2b79b1 |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
i386 | |
cvs-1.11.23-15.el6.i686.rpm | SHA-256: 670d43061ed9e4423e750edbf9fa412c0d4c52d6a5a68304218bb3131bc89f75 |
cvs-debuginfo-1.11.23-15.el6.i686.rpm | SHA-256: 98e1d96f2c746d6af2605dc886dc6adeb5ca0066e2419dac07d5d3fabb1de60f |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6
SRPM | |
---|---|
cvs-1.11.23-15.el6.src.rpm | SHA-256: 123dc2c54f37ff0965d1e7da8bf29b56f12eacbe9fac2a64d2457a0905315138 |
s390x | |
cvs-1.11.23-15.el6.s390x.rpm | SHA-256: 7f6cd71a19478979e3100ec1b09e9260e4cd49ba2e7736a619409423c7764b0f |
cvs-debuginfo-1.11.23-15.el6.s390x.rpm | SHA-256: 149f2bcaac5af83ba80413a1bc6a2d58f3f076780ad50117f4c5af9ba296ab2a |
cvs-inetd-1.11.23-15.el6.noarch.rpm | SHA-256: 42510db8afda86a58e1f443957487430c1b73e6ea5a1c1bfb43d2e61685b2117 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.