Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 6 Dec 2006 09:18:02 +0000 (UTC)
From:      Colin Percival <cperciva@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src UPDATING src/contrib/tar/src common.h extract.c tar.c src/sys/conf newvers.sh src/sys/dev/firewire fwdev.c
Message-ID:  <200612060918.kB69I23e041314@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
cperciva    2006-12-06 09:18:02 UTC

  FreeBSD src repository

  Modified files:        (Branch: RELENG_4_11)
    .                    UPDATING 
    contrib/tar/src      common.h extract.c tar.c 
    sys/conf             newvers.sh 
    sys/dev/firewire     fwdev.c 
  Log:
  Correct a signedness bug which allowed members of the operator
  group to read kernel memory. [1]
  
  Disable handling of GNUTYPE_NAMES tar file entries by default,
  since they can be used to extract files outside of the cwd. [2]
  
  Security:       FreeBSD-SA-06:25.kmem [1]
  Security:       FreeBSD-SA-06:26.gtar [2]
  Approved by:    so (cperciva)
  
  Revision        Changes    Path
  1.73.2.91.2.27  +7 -0      src/UPDATING
  1.2.2.1.10.1    +4 -1      src/contrib/tar/src/common.h
  1.4.2.3.8.1     +8 -2      src/contrib/tar/src/extract.c
  1.2.2.2.6.1     +9 -1      src/contrib/tar/src/tar.c
  1.44.2.39.2.30  +1 -1      src/sys/conf/newvers.sh
  1.2.4.16.4.1    +1 -1      src/sys/dev/firewire/fwdev.c



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612060918.kB69I23e041314>