Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 30 Nov 2006 20:31:51 +0000 (UTC)
From:      Christian Weisgerber <naddy@FreeBSD.org>
To:        ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: ports/archivers/gtar Makefile ports/archivers/gtar/files patch-src_extract.c
Message-ID:  <200611302031.kAUKVqdg053240@repoman.freebsd.org>
index | next in thread | raw e-mail 

naddy       2006-11-30 20:31:51 UTC

  FreeBSD ports repository

  Modified files:
    archivers/gtar       Makefile 
  Added files:
    archivers/gtar/files patch-src_extract.c 
  Log:
  Fix GNUTYPE_NAMES directory traversal vulnerability by not extracting
  these entries.  Support for GNUTYPE_NAMES will be dropped completely
  in 1.16.1.
  
  Notified by sem@
  
  Security:       VuXML 3dd7eb58-80ae-11db-b4ec-000854d03344
  
  Revision  Changes    Path
  1.50      +1 -1      ports/archivers/gtar/Makefile
  1.1       +16 -0     ports/archivers/gtar/files/patch-src_extract.c (new)
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611302031.kAUKVqdg053240>