|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
CVS: cvs.openbsd.org: src
From: Brad Smith (brad
cvs.openbsd.org)
Date: Fri Apr 30 2004 - 19:17:35 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CVSROOT: /cvs
Module name: src
Changes by: bradcvs.openbsd.org 2004/04/30 18:17:35
Modified files:
gnu/usr.bin/cvs/src: Tag: OPENBSD_3_3 client.c modules.c
Log message:
MFC:
Fix by otto
- a malicious server may send path names that translate out of the
local cvs tree on the client, enabling the server to overwrite files
on the client.
- a client may read files outside the repository using the -p flag
with the checkout command.
ok deraadt otto
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]