Date: Wed, 12 Jul 2000 09:18:05 +0200 (CEST) From: e@ik.nu To: FreeBSD-gnats-submit@freebsd.org Subject: ports/19864: change port games/xtrojka Message-ID: <200007120718.JAA04216@tricia.mons.net>
next in thread | raw e-mail | index | archive | help
>Number: 19864 >Category: ports >Synopsis: Fixes exploit in Makefile of xtrojka >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Jul 12 00:20:04 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Edwin Mons >Release: FreeBSD 4.0-STABLE i386 >Organization: >Environment: >Description: Fixes the exploit listed in PR ports/19862 >How-To-Repeat: >Fix: --- xtrojka.bak/patches/patch-aa Mon May 29 05:49:00 2000 +++ xtrojka/patches/patch-aa Wed Jul 12 08:51:57 2000 @@ -1,5 +1,5 @@ ---- Makefile Sat Oct 21 17:38:22 1995 -+++ Makefile.new Mon May 29 01:35:31 2000 +--- Makefile.orig Sat Oct 21 22:38:22 1995 ++++ Makefile Wed Jul 12 08:50:34 2000 @@ -8,7 +8,7 @@ # your favorite C-compiler @@ -58,7 +58,7 @@ # # # main -@@ -101,11 +105,15 @@ +@@ -101,11 +105,17 @@ # # install: @@ -67,8 +67,9 @@ - cp xtrojka.6 $(MANDIR); chmod go+r xtrojka.6; \ - cp xtrojka $(TARGET_DIR);chmod go+rx xtrojka; \ - touch $(HSFILE); chmod go+rwx $(HSFILE); -+ echo $(HSFILE)|sed -e 's/\//\\\//g'>/tmp/hsn -+ sed -e "s/__SCOREDIR__/`cat /tmp/hsn`/g" manpage > xtrojka.6 ++ @rm -f hsn ++ echo $(HSFILE)|sed -e 's/\//\\\//g'>hsn ++ sed -e "s/__SCOREDIR__/`cat hsn`/g" manpage > xtrojka.6 + gzip -c xtrojka.6 >$(MANDIR)/xtrojka.6.gz + cp xtrojka $(TARGET_DIR) + chmod 2755 $(TARGET_DIR)/xtrojka @@ -76,6 +77,7 @@ + touch $(HSFILE) + chmod 664 $(HSFILE) + chgrp games $(HSFILE) ++ @rm -f hsn clean: rm -rf *.o core xtrojka xtrojka.6 >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007120718.JAA04216>