pkgsrc-changes: CVS commit: [pkgsrc-2005Q3] pkgsrc/archivers/arc

Subject: CVS commit: [pkgsrc-2005Q3] pkgsrc/archivers/arc
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 10/08/2005 06:27:21

Module Name:	pkgsrc
Committed By:	snj
Date:		Sat Oct  8 06:27:21 UTC 2005

Modified Files:
	pkgsrc/archivers/arc [pkgsrc-2005Q3]: Makefile distinfo
Added Files:
	pkgsrc/archivers/arc/patches [pkgsrc-2005Q3]: patch-ae

Log Message:
Pullup ticket 810 - requested by Lubomir Sedlacik
security fix for arc

Revisions pulled up:
- pkgsrc/archivers/arc/Makefile		1.24
- pkgsrc/archivers/arc/distinfo		1.9
- pkgsrc/archivers/arc/patches/patch-ae	1.1

   Module Name:    pkgsrc
   Committed By:   salo
   Date:           Thu Oct  6 14:23:39 UTC 2005

   Modified Files:
           pkgsrc/archivers/arc: Makefile distinfo
   Added Files:
           pkgsrc/archivers/arc/patches: patch-ae

   Log Message:
   Security fix for CAN-2005-2945 and CAN-2005-2992:

   "arc 5.21j and earlier create temporary files with world-readable
   permissions, which allows local users to read sensitive information
   from files created by arc or marc."

   http://www.zataz.net/adviso/arc-09052005.txt
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2945

   Patch from Debian.


To generate a diff of this commit:
cvs rdiff -r1.23 -r1.23.4.1 pkgsrc/archivers/arc/Makefile
cvs rdiff -r1.8 -r1.8.4.1 pkgsrc/archivers/arc/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/archivers/arc/patches/patch-ae

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.