Subject: CVS commit: pkgsrc/archivers/gsharutils
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 03/31/2005 14:17:05
Module Name: pkgsrc
Committed By: salo
Date: Thu Mar 31 14:17:05 UTC 2005
Modified Files:
pkgsrc/archivers/gsharutils: Makefile distinfo
pkgsrc/archivers/gsharutils/patches: patch-ac
Added Files:
pkgsrc/archivers/gsharutils/patches: patch-ah patch-ai patch-aj
Log Message:
Securitu fix for CAN-2004-1773:
"Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers
to execute arbitrary code via long output from wc to shar, or unknown vectors
in unshar."
Patch from SuSE/Gentoo. Also add more sanity checking patches from the latter.
To generate a diff of this commit:
cvs rdiff -r1.24 -r1.25 pkgsrc/archivers/gsharutils/Makefile
cvs rdiff -r1.10 -r1.11 pkgsrc/archivers/gsharutils/distinfo
cvs rdiff -r1.2 -r1.3 pkgsrc/archivers/gsharutils/patches/patch-ac
cvs rdiff -r0 -r1.5 pkgsrc/archivers/gsharutils/patches/patch-ah
cvs rdiff -r0 -r1.3 pkgsrc/archivers/gsharutils/patches/patch-ai
cvs rdiff -r0 -r1.4 pkgsrc/archivers/gsharutils/patches/patch-aj
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.