diff --git a/README.md b/README.md
index a1c9391..f48aa67 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,9 @@
 # cvs
 
+Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code).
+CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred.
+
+CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors.
+Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files.
+These directories and files can then be combined together to form a software release.
+
diff --git a/cvs-1.12.12-can_2005_2693.patch b/cvs-1.12.12-can_2005_2693.patch
new file mode 100644
index 0000000..a951a9a
--- /dev/null
+++ b/cvs-1.12.12-can_2005_2693.patch
@@ -0,0 +1,19 @@
+--- cvs-1.12.12/src/cvsbug.in.orig	2005-09-08 15:51:56.000000000 +0200
++++ cvs-1.12.12/src/cvsbug.in	2005-09-08 15:53:11.000000000 +0200
+@@ -109,14 +109,14 @@
+     /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
+       cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+     ORIGINATOR="`cat $TEMP`"
+-    rm -f $TEMP
++    > $TEMP
+   fi
+ fi
+ 
+ if [ "$ORIGINATOR" = "" ]; then
+   grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+   ORIGINATOR="`cat $TEMP`"
+-  rm -f $TEMP
++  > $TEMP
+ fi
+ 
+ if [ -n "$ORGANIZATION" ]; then
diff --git a/cvs-pam b/cvs-pam
new file mode 100644
index 0000000..8d29678
--- /dev/null
+++ b/cvs-pam
@@ -0,0 +1,8 @@
+#%PAM-1.0
+auth       required     pam_stack.so service=system-auth
+auth       required     pam_nologin.so
+account    required     pam_stack.so service=system-auth
+password   required     pam_stack.so service=system-auth
+session    required     pam_stack.so service=system-auth
+session    required     pam_limits.so
+
diff --git a/cvs.spec b/cvs.spec
new file mode 100644
index 0000000..badc4ae
--- /dev/null
+++ b/cvs.spec
@@ -0,0 +1,201 @@
+%define groupid 65015
+%define groupidadmin 65016
+
+Name:          cvs
+Version:       1.12.13
+Release:       3mamba
+Summary:       The CVS (Concurrent Versions System) tools
+Group:         Applications/Development
+Vendor:        openmamba
+Distribution:  openmamba
+Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
+URL:           http://www.nongnu.org/cvs/
+Source0:       http://ftp.gnu.org/non-gnu/cvs/source/feature/%{version}/cvs-%{version}.tar.bz2
+Source1:       cvspserver-xinetd
+Source2:       cvs-pam
+Patch:         %{name}-1.12.12-can_2005_2693.patch
+License:       GPL
+## AUTOBUILDREQ-BEGIN
+BuildRequires: glibc-devel
+BuildRequires: libe2fs-devel
+BuildRequires: libkrb5-devel
+BuildRequires: libopenssl-devel
+BuildRequires: pam-devel
+BuildRequires: perl-devel
+## AUTOBUILDREQ-END
+BuildRequires: tcsh >= 6.12
+BuildRequires: libgdbm-devel >= 1.8.3
+BuildRequires: glibc-devel >= 2.3.5
+BuildRequires: gettext-devel >= 0.14.0
+BuildRequires: zlib-devel >= 1.2.2
+BuildRequires: debianutils >= 2.5.2
+BuildRequires: coreutils >= 5.2.1
+BuildRequires: perl, groff, ghostscript, texinfo
+PreReq:        %{__install_info}
+BuildRoot:     %{_tmppath}/%{name}-%{version}-build
+
+# FIXME: remove use of PID in `debug_check_log'
+
+%description
+Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code).
+CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred.
+
+CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors.
+Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files.  
+These directories and files can then be combined together to form a software release.
+
+%package server
+Summary:       Server side of the CVS (Concurrent Versions System)
+Group:         System/Servers
+Requires:      %{name} = %{version}
+
+%description server
+Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code).
+CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred.
+
+CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors.
+Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files.  
+These directories and files can then be combined together to form a software release.
+
+This package include the cvs part that create and a cvs repository (/var/cvsroot).
+
+# FIXME : unsecure use of `$$' in
+# `/usr/share/cvs/contrib/debug_check_log'
+# `/usr/share/cvs/contrib/newcvsroot'
+
+%prep
+%setup -q
+%patch -p1 -b .can_2005_2693
+
+%build
+%configure \
+   --enable-encryption \
+   --enable-case-sensitivity \
+   --with-cvs-admin-group=cvsadmin \
+   --enable-pam \
+   --with-hardcoded-pam-service-name="cvs"
+
+%make
+
+%install
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+%makeinstall
+
+install -m 0640 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/xinetd.d/cvspserver
+install -m 0640 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/cvs
+
+# initialize database
+#install -d %{buildroot}/var
+
+%clean
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+
+%post
+%install_info cvs.info
+%install_info cvsclient.info
+
+%preun
+%uninstall_info cvs.info
+%uninstall_info cvsclient.info
+exit 0
+
+%pre server
+if [ $1 -eq 1 ]; then
+# new install
+   /usr/sbin/groupadd cvsuser -g %{groupid} 2>/dev/null
+   /usr/sbin/groupadd cvsadmin -g %{groupidadmin} 2>/dev/null
+fi
+exit 0
+
+%post server
+if [ $1 -eq 1 ]; then
+# new install
+   cvs -d /var/cvsroot init
+   chown root.cvsuser -R /var/cvsroot
+   chmod g+s /var/cvsroot
+   chmod g+s /var/cvsroot/CVSROOT
+   chmod g+s /var/cvsroot/CVSROOT/Emptydir
+fi
+exit 0
+
+%preun server
+if [ $1 -eq 0 ]; then
+# erase
+   /usr/sbin/groupdel cvsuser 2>/dev/null
+   /usr/sbin/groupdel cvsadmin 2>/dev/null
+fi
+exit 0
+
+%files
+%defattr(-,root,root)
+%{_bindir}/*
+%dir %{_datadir}/cvs
+%{_datadir}/cvs/*
+#%attr(2775,root,cvsuser) %dir /var/cvsroot
+#%attr(2775,root,cvsuser) %dir /var/cvsroot/CVSROOT
+#%attr(-,root,cvsuser) /var/cvsroot/*
+%{_infodir}/*
+%{_mandir}/man?/cvs*
+
+%files server
+%defattr(-,root,root)
+%config(noreplace) %{_sysconfdir}/xinetd.d/cvspserver
+%config(noreplace) %{_sysconfdir}/pam.d/cvs
+
+%changelog
+* Fri Oct 16 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 1.12.13-3mamba
+- rebuilt with libopenssl 0.9.8
+
+* Wed Aug 15 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 1.12.13-2mamba
+- rebuilt
+
+* Tue Jun 13 2006 Davide Madrisan <davide.madrisan@qilinux.it> 1.12.13-1qilnx
+- update to version 1.12.13 by autospec
+
+* Thu Sep 08 2005 Davide Madrisan <davide.madrisan@qilinux.it> 1.12.12-1qilnx
+- update to version 1.12.12 by autospec
+
+* Fri Apr 22 2005 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.20-1qilnx
+- update to version 1.11.20 by autospec
+- also fixes QSA-2005-052 (CAN-2005-0753)
+- fixed package groups
+- added missing build requirements
+- added %%post, %%preun scripts to install/uninstall info pages
+
+* Wed Jan 12 2005 Massimo Pintore <massimo.pintore@qilinux.it> 1.11.18-5qilnx
+- added package cvs-server
+
+* Wed Jan 12 2005 Silvan Calarco <silvan.calarco@qilinux.it> 1.11.18-4qilnx
+- create cvsroot after install instead of before packaging
+
+* Tue Jan 11 2005 Silvan Calarco <silvan.calarco@qilinux.it> 1.11.18-3qilnx
+- create cvsroot and cvsroot/CVSROOT directories  with suid'ed group
+
+* Thu Dec 30 2004 Silvan Calarco <silvan.calarco@qilinux.it> 1.11.18-2qilnx
+- added pam support patch
+
+* Fri Dec 24 2004 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.18-1qilnx
+- new version rebuild
+
+* Wed Jun 30 2004 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.17-1qilnx
+- new version rebuild: security fixes CAN-2004-04{14,16,17,18}
+
+* Thu May 20 2004 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.16-1qilnx
+- new version rebuild: fixes a serious security hole (CAN-2004-0396) in the 
+  CVS server executable
+
+* Tue Apr 15 2004 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.15-1qilnx
+- new version rebuild: fixes serious security holes in both the client and the 
+  CVS server (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180)
+
+* Tue Mar 02 2004 Davide Madrisan <davide.madrisan@qilinux.it> 1.11.13-1qilnx
+- rebuilt with cvs-1.11.13
+
+* Tue Dec 30 2003 Silvan Calarco <silvan.calarco@qilinux.it> 1.11.11-2qilnx
+- privileges/security enhancements (cvsuser/cvsadmin)
+
+* Mon Dec 29 2003 Silvan Calarco <silvan.calarco@qilinux.it> 1.11.11-1qilnx
+- new version rebuild
+
+* Fri Jul 18 2003 Silvan Calarco <silvan.calarco@qinet.it> 1.11.6-1qilnx
+- first build of cvs
diff --git a/cvspserver-xinetd b/cvspserver-xinetd
new file mode 100644
index 0000000..d0b0d34
--- /dev/null
+++ b/cvspserver-xinetd
@@ -0,0 +1,11 @@
+service cvspserver
+{
+        flags           = REUSE
+        socket_type     = stream
+        wait            = no
+        user            = root
+        server          = /usr/bin/cvs
+        server_args     = -f --allow-root=/var/cvsroot pserver
+        log_on_failure  += USERID
+        disable         = yes
+}