cvs commit: ports/archivers/gtar Makefile ports/archivers/gtar/files
patch-src_extract.c
Christian Weisgerber
naddy at FreeBSD.org
Thu Nov 30 12:32:50 PST 2006
naddy 2006-11-30 20:31:51 UTC
FreeBSD ports repository
Modified files:
archivers/gtar Makefile
Added files:
archivers/gtar/files patch-src_extract.c
Log:
Fix GNUTYPE_NAMES directory traversal vulnerability by not extracting
these entries. Support for GNUTYPE_NAMES will be dropped completely
in 1.16.1.
Notified by sem@
Security: VuXML 3dd7eb58-80ae-11db-b4ec-000854d03344
Revision Changes Path
1.50 +1 -1 ports/archivers/gtar/Makefile
1.1 +16 -0 ports/archivers/gtar/files/patch-src_extract.c (new)
More information about the cvs-ports
mailing list