Closed Bug 291623 Opened 19 years ago Closed 19 years ago

2005 Apr 18 CVS remote code execution security update (1.11.20)

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: justdave, Assigned: justdave)

Details

Dave Miller [:justdave]

Assignee

Description

•

19 years ago

cvshome.org released an update with a security advisory for a remote code
execution vulnerability on April 18th.

https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=141

The upgrade has already been completed on the mozilla.org servers (earlier this
morning), but we never got a bug filed on it, so filing one for the records.

Dave Miller [:justdave]

Assignee

Comment 1

•

19 years ago

RedHat has yet to issue an errata on this, but we're too high-profile a site to
wait for them.

I built an SRPM of 1.11.20 plus the NoReadLocks patch, which is on
vegas:/usr/src/redhat/SRPMS

Status: NEW → RESOLVED

Closed: 19 years ago

Priority: -- → P1

Resolution: --- → FIXED

Nobody; OK to take it and work on it

Updated

•

9 years ago

Product: mozilla.org → mozilla.org Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

2005 Apr 18 CVS remote code execution security update (1.11.20)

Categories

(mozilla.org Graveyard :: Server Operations, task, P1)

Tracking

(Not tracked)

People

(Reporter: justdave, Assigned: justdave)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated