pkgsrc-changes: CVS commit: pkgsrc/www/htdig

Subject: CVS commit: pkgsrc/www/htdig
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 03/20/2005 20:34:27

Module Name:	pkgsrc
Committed By:	salo
Date:		Sun Mar 20 20:34:27 UTC 2005

Modified Files:
	pkgsrc/www/htdig: Makefile distinfo
Added Files:
	pkgsrc/www/htdig/patches: patch-af patch-ag patch-ah

Log Message:
Security fix for CAN-2005-0085.

"Cross-site scripting (XSS) vulnerability in ht://dig allows remote
 attackers to execute arbitrary web script or HTML via the config
 parameter, which is not properly sanitized before it is displayed
 in an error message."

Patch from Debian.  Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -r1.21 -r1.22 pkgsrc/www/htdig/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/www/htdig/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/www/htdig/patches/patch-af \
    pkgsrc/www/htdig/patches/patch-ag pkgsrc/www/htdig/patches/patch-ah

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.