cperciva 2006-12-06 09:17:09 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_4)
contrib/tar/src common.h extract.c tar.c
sys/dev/firewire fwdev.c
Log:
Correct a signedness bug which allowed members of the operator
group to read kernel memory. [1]
Disable handling of GNUTYPE_NAMES tar file entries by default,
since they can be used to extract files outside of the cwd. [2]
Security: FreeBSD-SA-06:25.kmem [1]
Security: FreeBSD-SA-06:26.gtar [2]
Revision Changes Path
1.2.2.2 +4 -1 src/contrib/tar/src/common.h
1.4.2.4 +8 -2 src/contrib/tar/src/extract.c
1.2.2.3 +9 -1 src/contrib/tar/src/tar.c
1.2.4.17 +1 -1 src/sys/dev/firewire/fwdev.c
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
