Date: Thu, 30 Nov 2006 20:31:51 +0000 (UTC) From: Christian Weisgerber <naddy@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/archivers/gtar Makefile ports/archivers/gtar/files patch-src_extract.c Message-ID: <200611302031.kAUKVqdg053240@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
naddy 2006-11-30 20:31:51 UTC
FreeBSD ports repository
Modified files:
archivers/gtar Makefile
Added files:
archivers/gtar/files patch-src_extract.c
Log:
Fix GNUTYPE_NAMES directory traversal vulnerability by not extracting
these entries. Support for GNUTYPE_NAMES will be dropped completely
in 1.16.1.
Notified by sem@
Security: VuXML 3dd7eb58-80ae-11db-b4ec-000854d03344
Revision Changes Path
1.50 +1 -1 ports/archivers/gtar/Makefile
1.1 +16 -0 ports/archivers/gtar/files/patch-src_extract.c (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611302031.kAUKVqdg053240>