Subject: Detailed commit messages and not just url pointers (was: CVS commit: pkgsrc/print/ghostscript)
To: Adrian Portelli <>
From: Bernd Ernesti <>
List: tech-pkg
Date: 11/27/2005 18:59:32
On Sun, Nov 27, 2005 at 05:07:30PM +0000, Adrian Portelli wrote:
> Module Name:	pkgsrc
> Committed By:	adrianp
> Date:		Sun Nov 27 17:07:30 UTC 2005
> Modified Files:
> 	pkgsrc/print/ghostscript: Makefile
> Log Message:
> Update for


please use a more detailed commit message and not just a pointer to an
url, which could be changed or vanish in the future.

From the Description part of the url above:
 The (1), (2) ps2epsi , (3), and (4) scripts in
 the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1,
 and other operating systems, allow local users to overwrite files via a
 symlink attack on temporary files.

Something like that and that you fixed it.