pkgsrc-changes: CVS commit: pkgsrc/emulators/wine

Subject: CVS commit: pkgsrc/emulators/wine
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 08/12/2005 13:57:44

Module Name:	pkgsrc
Committed By:	salo
Date:		Fri Aug 12 13:57:44 UTC 2005

Modified Files:
	pkgsrc/emulators/wine: Makefile distinfo
Added Files:
	pkgsrc/emulators/wine/patches: patch-ai

Log Message:
Security fix for SA16352.

"A vulnerability in wine can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated privileges.

The vulnerability is caused due to a temporary file being created
insecurely in "/tmp" by winelauncher.in under certain error conditions.
This can be exploited via symlink attacks to create or overwrite
arbitrary files with the privileges of the user running the affected
application."

http://secunia.com/advisories/16352/

Patch from Wine CVS.


To generate a diff of this commit:
cvs rdiff -r1.88 -r1.89 pkgsrc/emulators/wine/Makefile
cvs rdiff -r1.34 -r1.35 pkgsrc/emulators/wine/distinfo
cvs rdiff -r0 -r1.5 pkgsrc/emulators/wine/patches/patch-ai

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.