pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/40532 CVS commit: [pkgsrc-2008Q4] pkgsrc/www/privoxy

The following reply was made to PR pkg/40532; it has been noted by GNATS.

From: "Tyler R. Retzlaff" <>
Subject: PR/40532 CVS commit: [pkgsrc-2008Q4] pkgsrc/www/privoxy
Date: Sat, 28 Feb 2009 12:47:22 +0000 (UTC)

 Module Name:   pkgsrc
 Committed By:  rtr
 Date:          Sat Feb 28 12:47:22 UTC 2009
 Modified Files:
        pkgsrc/www/privoxy [pkgsrc-2008Q4]: Makefile distinfo
 Added Files:
        pkgsrc/www/privoxy/patches [pkgsrc-2008Q4]: patch-af
 Log Message:
 pullup ticket #2711 - requested by drochner
 privoxy: update for security fix
 revisions pulled up:
 pkgsrc/www/privoxy/Makefile            1.35,1.36
 pkgsrc/www/privoxy/files/    1.4,1.5
 pkgsrc/www/privoxy/distinfo            1.9
 pkgsrc/www/privoxy/patches/patch-af    1.1
    Module Name:    pkgsrc
    Committed By:   jnemeth
    Date:           Mon Feb  2 20:00:41 UTC 2009
    Modified Files:
            pkgsrc/www/privoxy: Makefile
    Log Message:
    PR/40532 - Cem Kayali -- group permissions too broad
    Just fixing security issue, will leave pkg update for MAINTAINER for now.
    Module Name:   pkgsrc
    Committed By:  drochner
    Date:          Wed Feb  4 21:20:39 UTC 2009
    Modified Files:
           pkgsrc/www/privoxy: Makefile distinfo
    Added Files:
           pkgsrc/www/privoxy/patches: patch-af
    Log Message:
    give up supplementary group memberships on uid/gid switch, fixes
    unexpected privileges reported in PR pkg/40532 by Cem Kayali,
    the issue is being discussed with upstream,
    thanks to Cem for detailed reports,
    also back out explicit passing of PRIVOXY_GROUP to the program --
    while it does not hurt it is redundant because PRIVOXY_GROUP is already
    the primary group of PRIVOXY_USER
 To generate a diff of this commit:
 cvs rdiff -r1.34 -r1.34.12.1 pkgsrc/www/privoxy/Makefile
 cvs rdiff -r1.8 -r1.8.10.1 pkgsrc/www/privoxy/distinfo
 cvs rdiff -r0 -r1.2.2.2 pkgsrc/www/privoxy/patches/patch-af
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index