Subject: CVS commit: pkgsrc/databases/gnats
To: None <pkgsrc-changes@NetBSD.org>
From: Marc Recht <recht@netbsd.org>
List: pkgsrc-changes
Date: 08/28/2005 12:36:42
Module Name: pkgsrc
Committed By: recht
Date: Sun Aug 28 12:36:42 UTC 2005
Modified Files:
pkgsrc/databases/gnats: Makefile distinfo
pkgsrc/databases/gnats/patches: patch-aa
Log Message:
Add a patch from gnats CSV to fix the security problem noted in:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180
Patch by adrianp@.
ChangeLog from gnats CSV:
* Makefile.in (install-gnats-tools, install-gnats-bin): Removed chown
and chmod entries for setting binaries suid. CAN-2005-2180 advisory.
gen-index as setuid root can overwrite any system file.
Bump PKGREVISION to 1.
To generate a diff of this commit:
cvs rdiff -r1.20 -r1.21 pkgsrc/databases/gnats/Makefile
cvs rdiff -r1.7 -r1.8 pkgsrc/databases/gnats/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/databases/gnats/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.