pkgsrc-changes: CVS commit: [pkgsrc-2005Q1] pkgsrc/archivers/gsharutils

Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/archivers/gsharutils
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 04/01/2005 05:03:52

Module Name:	pkgsrc
Committed By:	snj
Date:		Fri Apr  1 05:03:52 UTC 2005

Modified Files:
	pkgsrc/archivers/gsharutils [pkgsrc-2005Q1]: Makefile distinfo
	pkgsrc/archivers/gsharutils/patches [pkgsrc-2005Q1]: patch-ac
Added Files:
	pkgsrc/archivers/gsharutils/patches [pkgsrc-2005Q1]: patch-ah patch-ai
	    patch-aj

Log Message:
Pullup ticket 407 - requested by Lubomir Sedlacik
security fix for gsharutils

Revisions pulled up:
- pkgsrc/archivers/gsharutils/Makefile		1.25
- pkgsrc/archivers/gsharutils/distinfo		1.11, 1.12
- pkgsrc/archivers/gsharutils/patches/patch-ac	1.3
- pkgsrc/archivers/gsharutils/patches/patch-ah	1.5
- pkgsrc/archivers/gsharutils/patches/patch-ai	1.3
- pkgsrc/archivers/gsharutils/patches/patch-aj	1.4, 1.5

    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu Mar 31 14:17:05 UTC 2005

    Modified Files:
            pkgsrc/archivers/gsharutils: Makefile distinfo
            pkgsrc/archivers/gsharutils/patches: patch-ac
    Added Files:
            pkgsrc/archivers/gsharutils/patches: patch-ah patch-ai patch-aj

    Log Message:
    Securitu fix for CAN-2004-1773:

    "Multiple buffer overflows in sharutils 4.2.1 and earlier may allow
    attackers to execute arbitrary code via long output from wc to shar,
    or unknown vectors in unshar."

    Patch from SuSE/Gentoo. Also add more sanity checking patches from
    the latter.
----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu Mar 31 14:41:48 UTC 2005

    Modified Files:
            pkgsrc/archivers/gsharutils: distinfo
            pkgsrc/archivers/gsharutils/patches: patch-aj

    Log Message:
    Fix mktemp usage.


To generate a diff of this commit:
cvs rdiff -r1.24 -r1.24.2.1 pkgsrc/archivers/gsharutils/Makefile
cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/archivers/gsharutils/distinfo
cvs rdiff -r1.2 -r1.2.20.1 pkgsrc/archivers/gsharutils/patches/patch-ac
cvs rdiff -r0 -r1.4.12.1 pkgsrc/archivers/gsharutils/patches/patch-ah
cvs rdiff -r0 -r1.2.12.1 pkgsrc/archivers/gsharutils/patches/patch-ai
cvs rdiff -r0 -r1.3.12.1 pkgsrc/archivers/gsharutils/patches/patch-aj

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.