CVE-2005-2693

Name	CVE-2005-2693
Description	cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-802-1, DSA-806-1
Debian Bugs	324969, 325106

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
cvs (PTS)	bullseye	2:1.12.13+real-28	fixed
	bookworm	2:1.12.13+real-28+deb12u1	fixed
	sid, trixie	2:1.12.13+real-30	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
cvs	source	woody	1.11.1p1debian-13	low	DSA-802-1
cvs	source	(unstable)	1:1.11.5-4	low		325106
gcvs	source	woody	1.0a7-2woody1	low	DSA-806-1
gcvs	source	sarge	1.0final-5sarge1	low	DSA-806-1
gcvs	source	(unstable)	1.0final-8	low		324969

cvsbug was removed from the cvs binary package in 1:1.11.5-4.
The copy in the cvs source package was fixed in 1:1.12.9-15.