git: 8e36aa89c535 - main - archivers/ha: Add CPE information
Alexey Dokuchaev
danfe at freebsd.org
Mon Sep 27 18:29:23 UTC 2021
On Mon, Sep 27, 2021 at 08:22:55PM +0200, Alex Kozlov wrote:
> ...
> > Please also have a look at CVE-2015-1198 and take some actions because
> > our port is very likely also vulnerable.
>
> There was incomplete attempt to fix this/similar vulnerability, but
> the path part of attack still worked. So I cooked up some quick fix
> by analogy with resemblant vulnerability in archivers/unarj.
> Reviews are welcome.
Thanks for taking care of `archivers/ha' Alex, I remember using it
back in MSDOS times as it offered better compression ratios than
other archivers available back in those times. Fond memories! :-)
./danfe
More information about the dev-commits-ports-main
mailing list