CVS: Heap-based overflow — GLSA 201701-44

A heap-based buffer overflow in CVS might allow remote attackers to execute arbitrary code.

Affected packages

dev-vcs/cvs on all architectures
Affected versions < 1.12.12-r11
Unaffected versions >= 1.12.12-r11

Background

CVS (Concurrent Versions System) is an open-source network-transparent version control system. It contains both a client utility and a server.

Description

A heap-based buffer overflow was discovered in the proxy_connect function in src/client.c in CVS.

Impact

An attacker, utilizing a remote HTTP proxy server, could cause a Denial of Service condition or possibly execute arbitrary code via a crafted HTTP response.

Workaround

There is no known workaround at this time.

Resolution

All CVS users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-vcs/cvs-1.12.12-r11"
 

References

Release date
January 19, 2017

Latest revision
January 19, 2017: 01

Severity
normal

Exploitable
remote

Bugzilla entries