cperciva 2006-12-06 09:16:17 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_5)
contrib/tar/src common.h extract.c tar.c
sys/dev/firewire fwdev.c
Log:
Correct a signedness bug which allowed members of the operator
group to read kernel memory. [1]
Disable handling of GNUTYPE_NAMES tar file entries by default,
since they can be used to extract files outside of the cwd. [2]
Security: FreeBSD-SA-06:25.kmem [1]
Security: FreeBSD-SA-06:26.gtar [2]
Revision Changes Path
1.2.10.1 +4 -1 src/contrib/tar/src/common.h
1.6.8.1 +8 -2 src/contrib/tar/src/extract.c
1.3.4.1 +9 -1 src/contrib/tar/src/tar.c
1.44.2.2 +1 -1 src/sys/dev/firewire/fwdev.c
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
