I was just reading on http://www.cyclic.com/cyclic-pages/news9706.html
that CVS 1.9 has a security hole. Redhat might want to consider updating
to version 1.9.10. I checked the updates dir on redhat's ftp site and
there wasn't any update available. From the webpage:
---
If the machine running the CVS server also has running a service which
allows for file upload (for example, anonymous FTP if configured to do
so), then anyone who has the ability to upload files can gain full access
to the server system. If there is no service which allows file upload,
then users who already have some access to the server system can gain
access as any other user, including privileged users.
---
-Fred
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
