Date: Tue, 28 Apr 2015 18:11:22 +0000 (UTC) From: Glen Barber <gjb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r282178 - head/release/doc/en_US.ISO8859-1/relnotes Message-ID: <201504281811.t3SIBMSP025216@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gjb Date: Tue Apr 28 18:11:21 2015 New Revision: 282178 URL: https://svnweb.freebsd.org/changeset/base/282178 Log: Document r281311, disallow directory traversal in ar(1). Sponsored by: The FreeBSD Foundation Modified: head/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: head/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- head/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Apr 28 18:11:19 2015 (r282177) +++ head/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Apr 28 18:11:21 2015 (r282178) @@ -322,6 +322,13 @@ sponsor="&juniper;">The &man.netstat.1; utility has been updated to link against the &man.libxo.3; shared library.</para> + + <para revision="281311" contrib="sponsor" sponsor="&ff;">The + &man.ar.1; utility has been updated to set + <literal>ARCHIVE_EXTRACT_SECURE_SYMLINKS</literal> and + <literal>ARCHIVE_EXTRACT_SECURE_NODOTDOT</literal> to disallow + directory traversal when extracting an archive, similar to + &man.tar.1;.</para> </sect2> <sect2 xml:id="userland-contrib">
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201504281811.t3SIBMSP025216>