2005 Apr 18 CVS remote code execution security update (1.11.20)

RESOLVED FIXED

Status

mozilla.org Graveyard
Server Operations
P1
blocker
RESOLVED FIXED
13 years ago
3 years ago

People

(Reporter: justdave, Assigned: justdave)

Tracking

Details

cvshome.org released an update with a security advisory for a remote code
execution vulnerability on April 18th.

https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=141

The upgrade has already been completed on the mozilla.org servers (earlier this
morning), but we never got a bug filed on it, so filing one for the records.
RedHat has yet to issue an errata on this, but we're too high-profile a site to
wait for them.

I built an SRPM of 1.11.20 plus the NoReadLocks patch, which is on
vegas:/usr/src/redhat/SRPMS
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Priority: -- → P1
Resolution: --- → FIXED
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.