Date: Mon, 15 Aug 2005 18:02:35 +0000 (UTC) From: Michael Nottebrock <lofi@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/misc/kdeedu3 Makefile ports/misc/kdeedu3/files patch-post-3.4.2-kdeedu.diff Message-ID: <200508151802.j7FI2ZqW083450@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
lofi 2005-08-15 18:02:35 UTC
FreeBSD ports repository
Modified files:
misc/kdeedu3 Makefile
Added files:
misc/kdeedu3/files patch-post-3.4.2-kdeedu.diff
Log:
Patch insecure tempfile handling issue in langen2kvtmlx (kvoctrain).
Security: CAN-2005-2101
Security: http://www.kde.org/info/security/advisory-20050815-1.txt
Security: langen2kvtml uses known filenames in /tmp which allow a
local attacker to overwrite files writeable by the
user (manually) invoking the conversion script.
Approved by: portmgr (marcus)
Revision Changes Path
1.24 +1 -0 ports/misc/kdeedu3/Makefile
1.1 +63 -0 ports/misc/kdeedu3/files/patch-post-3.4.2-kdeedu.diff (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508151802.j7FI2ZqW083450>