From owner-cvs-all Mon Sep 3 10:48:30 2001 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 648ED37B409; Mon, 3 Sep 2001 10:48:23 -0700 (PDT) Received: (from will@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f83HmNM16953; Mon, 3 Sep 2001 10:48:23 -0700 (PDT) (envelope-from will) Message-Id: <200109031748.f83HmNM16953@freefall.freebsd.org> From: Will Andrews Date: Mon, 3 Sep 2001 10:48:23 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/x11/kdebase2 pkg-message Makefile X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG will 2001/09/03 10:48:23 PDT Modified files: x11/kdebase2 Makefile Added files: x11/kdebase2 pkg-message Log: Add a message to the port/package warning users about kcheckpass's setuid root bit, which is off by default. The purpose is to avoid having users who don't use kcheckpass become vulnerable to a root exploit. For more details see the actual pkg-message. Bump PORTREVISION to reflect this change in the package. As a side note, I'm a little wary about adding something like this so close to the ports freeze for 4.4-RELEASE. However, I decided that it was a minimal risk and went ahead with it in the hopes of avoiding the need for users to run into this "problem" themselves... Revision Changes Path 1.78 +5 -2 ports/x11/kdebase2/Makefile To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message