tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: nasty patches in pkgsrc regarding CVE-2010-4651: relative paths with ../



Alistair Crooks <alistaircrooks%gmail.com@localhost> writes:

>> 2) Add patches-wrkdir *additionally* for patches based on wrkdir.  Teach
>> mkpatches to put patches within WRKSRC in patches, and other patches in
>> patches-wrkdir
>>
>
> I'm still not sure this is a good idea :(
>
> But I do agree that relative paths in patch files, all 180+ of them, should
> not exist. Good catch

I'm not sure either.

What is your approach?


Home | Main Index | Thread Index | Old Index