cvs version 1.11.10 import? [security fix]
Colin Percival
colin.percival at wadham.ox.ac.uk
Mon Dec 15 08:08:53 PST 2003
At 10:46 15/12/2003 -0500, Mike Tancsa wrote:
>Hi, did you ever find out if this security issue does effect FreeBSD ?
I think it does. As far as I can tell, it seems to cause
problems when CVSROOT is :local:/something. I'm not sure if
this is actually exploitable -- I can't see any indication
that the cvs people know, either -- but the buggy code is
definitely in FreeBSD.
Since they don't seem to have published it, I've extracted
the relevant patch from CVS's CVS tree and included it below.
Colin Percival
===================================================================
RCS file: /usr/local/tigris/data/helm/cvs/repository/ccvs/src/expand_path.c,v
retrieving revision 1.21
retrieving revision 1.21.6.1
diff -u -r1.21 -r1.21.6.1
--- ccvs/src/expand_path.c 2001/01/09 13:59:59 1.21
+++ ccvs/src/expand_path.c 2003/12/03 19:22:01 1.21.6.1
@@ -272,7 +272,7 @@
int line;
{
if (strcmp (name, CVSROOT_ENV) == 0)
- return current_parsed_root->original;
+ return current_parsed_root->directory;
else if (strcmp (name, "RCSBIN") == 0)
{
error (0, 0, "RCSBIN internal variable is no longer supported");
More information about the freebsd-security
mailing list