CVS commit: pkgsrc/www

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www
From: "Matthias Drochner" <drochner%netbsd.org@localhost>
Date: Mon, 28 Nov 2011 15:26:26 +0000

Module Name:    pkgsrc
Committed By:   drochner
Date:           Mon Nov 28 15:26:26 UTC 2011

Modified Files:
        pkgsrc/www/squid27: Makefile distinfo
        pkgsrc/www/squid31: Makefile distinfo
Added Files:
        pkgsrc/www/squid27/patches: patch-am
        pkgsrc/www/squid31/patches: patch-am

Log Message:
Don't allow '/' characters to be passed to pam_start() by the
PAM helper program. OpenPAM didn't check this, so it could be
tricked into reading arbitrary config files, allowing privilege
escalation.
Standard squid installations don't install the PAM helper SUID, but
depending on local needs, an administrator might choose to do so.
approved by pkg maintainer
bump PKGREV


To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/squid27/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/squid27/distinfo
cvs rdiff -u -r0 -r1.3 pkgsrc/www/squid27/patches/patch-am
cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.31 -r1.32 pkgsrc/www/squid31/distinfo
cvs rdiff -u -r0 -r1.4 pkgsrc/www/squid31/patches/patch-am

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/print/scribus-qt4
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/print/scribus-qt4
Indexes:

Home | Main Index | Thread Index | Old Index