CVSROOT: /cvs Module name: ports Changes by: [email protected] 2022/04/14 15:23:24
Modified files:
archivers/unzip: Makefile
Added files:
archivers/unzip/patches: patch-unix_zipgrep
Log message:
archivers/unzip: security fix for CVE-2022-1271
In zipgrep, prevent arbitrary-file-write vulnerability if an archive
member name contains shell wild cards that expand to an existing
pathname with an exploit pattern.
ok sthen@ tb@
