[SECURITY] [DLA 1056-1] cvs security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1056-1] cvs security update
From: Chris Lamb <lamby@debian.org>
Date: Sun, 13 Aug 2017 14:28:05 -0400
Message-id: <[🔎] 1502648885.2411188.1072068248.50E427FE@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : cvs
Version        : 2:1.12.13+real-9+deb7u1
CVE ID         : CVE-2017-12836
Debian Bug     : #871810

It was discovered that there was a command injection vulnerability in the CVS
revision control system.

For Debian 7 "Wheezy", this issue has been fixed in cvs version
2:1.12.13+real-9+deb7u1.

We recommend that you upgrade your cvs packages. Thanks to Thorsten Glaser
<tg@mirbsd.de> for preparing and testing this upload.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmQmhsACgkQHpU+J9Qx
Hlhp1hAAo9FZ5HBMojIECE+uqDBO074qzQFXG0CkAptpDIY0jgI/FLaH6SFIYDbh
uWZdLJeu/vN50odpsxYtuXh3TaxFVhYvxcHOilRsugrZHjzz+j3gpVSmorJxpNl4
Pjnvv0aV8PFkmLyyst2ar8h5tuLul68XldkcrpgznIHwoJamRJVrlzXMaIjehELX
9ussmeU1x5NN1GLvVztH5X5vC3XD1F6LCqaDy93JRSMPuFRFa3SJwHNTigom4r7F
h81/KtNqhKSHrk6+uMlIEB8NmAE0bf0Ws6AHNL06ocBUz+IKGSVJ4IoCNgIH2POn
Ioy3YoSpvzl9Ne1fPqKfNGVZW4128etX/pj+Ugy96up2EeklceinBQvYla0GGCJv
MSB/8tuGOxhGz8UWWAjKD+4BFcyURTbuFTOOChlpOxo1HfBCBNetpGuTOH82lsDC
4k9m30VVJfcZJrkF/8tc/CUIQrCtrUWEKEyfcF/FurJiel8ll+wR+JoHwYp2IZax
kkaeO8VMCPq0MWcOdyDTjk5gHSZ4M+xm1s79R4XY9Lj3kO8hig1qdDltBfXzYU5I
UDWP3IlBd69JVwlA95p56kghBq5YT1HcAIIlgcW/YzM8dXJ6qjV5IcnUghXMDY3W
nt1PnOxM6eGPrUm4V52/oXBa7kspG4t1Yhj35Nk1kwhQk6OAQpI=
=hI39
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1055-1] libgd2 security update
Next by Date: [SECURITY] [DLA 1057-1] libraw security update
Previous by thread: [SECURITY] [DLA 1055-1] libgd2 security update
Next by thread: [SECURITY] [DLA 1057-1] libraw security update
Index(es):
- Date
- Thread