From owner-cvs-all@FreeBSD.ORG  Fri Feb 11 13:33:02 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id B4D7016A4CE; Fri, 11 Feb 2005 13:33:02 +0000 (GMT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9144743D1F; Fri, 11 Feb 2005 13:33:02 +0000 (GMT)
	(envelope-from danfe@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j1BDX20M083617;
	Fri, 11 Feb 2005 13:33:02 GMT
	(envelope-from danfe@repoman.freebsd.org)
Received: (from danfe@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j1BDX2Jt083616;
	Fri, 11 Feb 2005 13:33:02 GMT
	(envelope-from danfe)
Message-Id: <200502111333.j1BDX2Jt083616@repoman.freebsd.org>
From: Alexey Dokuchaev <danfe@FreeBSD.org>
Date: Fri, 11 Feb 2005 13:33:02 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: ports/textproc/unrtf/files
	patch-convert.cports/textproc/unrtf Makefile
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Feb 2005 13:33:03 -0000

danfe       2005-02-11 13:33:02 UTC

  FreeBSD ports repository

  Modified files:
    textproc/unrtf       Makefile 
  Added files:
    textproc/unrtf/files patch-convert.c 
  Log:
  - Attempt to fix the exploitable security issue described at
    http://www.vuxml.org/freebsd/f2d5e56e-67eb-11d9-a9e7-0001020eed82.html by
    replacing strcat() with strncat().  Please note that I wasn't able to
    reproduce the exploit described at
    http://tigger.uic.edu/~jlongs2/holes/unrtf.txt on my 5.3-STABLE system.
    Feedback from someone who can reproduce the exploit with an unpatched unrtf
    would be appreciated
  - Bump PORTREVISION
  - Remove old master site that doesn't seem to have the distfile any more
  
  VuXML:          f2d5e56e-67eb-11d9-a9e7-0001020eed82
  PR:             ports/76852
  Submitted by:   Stefan Walter <sw(at)gegenunendlich.de>
  
  Revision  Changes    Path
  1.12      +2 -6      ports/textproc/unrtf/Makefile
  1.1       +11 -0     ports/textproc/unrtf/files/patch-convert.c (new)