A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code.
|Package||dev-vcs/cvs on all architectures|
|Affected versions||< 1.12.12-r12|
|Unaffected versions||>= 1.12.12-r12|
CVS (Concurrent Versions System) is an open-source network-transparent version control system. It contains both a client utility and a server.
It was discovered that when CVS is configured to use SSH for remote repositories it allows remote attackers to execute arbitrary code through a repository URL with a specially crafted hostname.
A remote attacker, by enticing a user to clone a specially crafted repository, could possibly execute arbitrary code with the privileges of the process.
There is no known workaround at this time.
All CVS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/cvs-1.12.12-r12"
September 24, 2017
September 24, 2017: 1