Date: Wed, 15 Dec 2004 16:37:44 +0000 (UTC) From: Pete Fritchman <petef@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/devel/cscope Makefile ports/devel/cscope/files patch-src::main.c Message-ID: <200412151637.iBFGbiAv055801@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
petef 2004-12-15 16:37:44 UTC
FreeBSD ports repository
Modified files:
devel/cscope Makefile
Added files:
devel/cscope/files patch-src::main.c
Log:
Fix CAN-2004-0996 vulnerability & bump PORTREVISION:
main.c in cscope 15-4 and 15-5 creates temporary files with
predictable filenames, which allows local users to overwrite
arbitrary files via a symlink attack.
PR: 75104
Submitted by: Matthias Andree <matthias.andree@gmx.de>
Revision Changes Path
1.23 +1 -0 ports/devel/cscope/Makefile
1.1 +52 -0 ports/devel/cscope/files/patch-src::main.c (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412151637.iBFGbiAv055801>