CVE: CAN-2003-0015 Vulnerability: In the CVS server, users with read-only access could potentially gain write access. Resolution: Upgraded to CVS version 1.11.5 which fixes the security vulnerability. Packages: New CVS packages are available for Slackware 8.1 and Slackware-current. Download Links: - Slackware 8.1: http://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/cvs-1.11.5-i386-1.tgz - Slackware-current: http://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/cvs-1.11.5-i386-1.tgz MD5 Sums: - Slackware 8.1: 37d76c774c9474bf0117d429d6c3740e - Slackware-current: c43d82187dfa695aa53aaf5b4d3050a1 Installation Instructions: As root, upgrade to the new cvs.tgz package using . Source: Slackware Linux Security Team