Subject: Re: bin/18840
To: None <christos@netbsd.org>
From: Frederick Bruckman <fredb@immanent.net>
List: netbsd-bugs
Date: 04/25/2005 10:26:51
On Sun, 24 Apr 2005, Frederick Bruckman wrote:
> I don't have access to any hosts running current today, but I did verify that
> the exploit I described in the PR is blocked, after pulling up the changes in
> the message that attached to the PR, to netbsd-2-0.
> (src/bin/pax/ar_io.c,v1.42 is a prerequisite for them, by the way.)
Maybe I spoke too soon...
I now can't untar "xscreensaver-4.21.tar.gz" without "--insecure",
without all sorts of complaints such as:
tar: Cannot resolve `xscreensaver-4.21/README'
There are no symlinks in the archive. The only thing that stands out
is that there's no "./" ahead of every item in the archive.
Frederick