tech-pkg: Detailed commit messages and not just url pointers (was: CVS commit: pkgsrc/print/ghostscript)

Subject: Detailed commit messages and not just url pointers (was: CVS commit: pkgsrc/print/ghostscript)
To: Adrian Portelli <adrianp@NetBSD.org>
From: Bernd Ernesti <veego@NetBSD.org>
List: tech-pkg
Date: 11/27/2005 18:59:32

On Sun, Nov 27, 2005 at 05:07:30PM +0000, Adrian Portelli wrote:
> 
> Module Name:	pkgsrc
> Committed By:	adrianp
> Date:		Sun Nov 27 17:07:30 UTC 2005
> 
> Modified Files:
> 	pkgsrc/print/ghostscript: Makefile
> 
> Log Message:
> Update for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0967

Hi,

please use a more detailed commit message and not just a pointer to an
url, which could be changed or vanish in the future.

From the Description part of the url above:
 The (1) pj-gs.sh, (2) ps2epsi , (3) pv.sh, and (4) sysvlp.sh scripts in
 the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1,
 and other operating systems, allow local users to overwrite files via a
 symlink attack on temporary files.

Something like that and that you fixed it.

Bernd