CVS commit: pkgsrc/net/socat

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/socat
From: "Leonardo Taccari" <leot%netbsd.org@localhost>
Date: Sun, 19 Jan 2025 17:46:10 +0000

Module Name:    pkgsrc
Committed By:   leot
Date:           Sun Jan 19 17:46:10 UTC 2025

Modified Files:
        pkgsrc/net/socat: Makefile distinfo

Log Message:
socat: Update to 1.8.0.2

Changes:
1.8.0.2
Security:
Socat security advisory 9
CVE-2024-54661: Arbitrary file overwrite
Socat 1.6.0.0 through 1.8.0.1 and version 2 distributions contain a
wrapper script "readline.sh" that uses a predictable temporary
directory, allowing unprivileged users to overwrite arbitrary files
belonging to the scripts caller.
This is fixed in Version 1.8.0.2
Mitigating factors: readline.sh is usually neither installed in a bin
directory nor is it documented. Major Linux distributions install it in
examples/ or doc/; however it is invoked by test.sh script.
Thanks to Wolfgang Frisch from SuSE for finding and reporting this
issue.


To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/net/socat/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/socat/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/socat/Makefile
diff -u pkgsrc/net/socat/Makefile:1.55 pkgsrc/net/socat/Makefile:1.56
--- pkgsrc/net/socat/Makefile:1.55      Sun Oct 27 15:35:08 2024
+++ pkgsrc/net/socat/Makefile   Sun Jan 19 17:46:10 2025
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.55 2024/10/27 15:35:08 leot Exp $
+# $NetBSD: Makefile,v 1.56 2025/01/19 17:46:10 leot Exp $
 
-DISTNAME=      socat-1.8.0.1
+DISTNAME=      socat-1.8.0.2
 CATEGORIES=    net
 MASTER_SITES=  http://www.dest-unreach.org/socat/download/
 

Index: pkgsrc/net/socat/distinfo
diff -u pkgsrc/net/socat/distinfo:1.38 pkgsrc/net/socat/distinfo:1.39
--- pkgsrc/net/socat/distinfo:1.38      Sun Oct 27 15:35:08 2024
+++ pkgsrc/net/socat/distinfo   Sun Jan 19 17:46:10 2025
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.38 2024/10/27 15:35:08 leot Exp $
+$NetBSD: distinfo,v 1.39 2025/01/19 17:46:10 leot Exp $
 
-BLAKE2s (socat-1.8.0.1.tar.gz) = bad807327629b9babd170bd55447f4971164fa3ffa111c05fb21531acce0283a
-SHA512 (socat-1.8.0.1.tar.gz) = 2a327b4c2e00fc6afda503548d5bc285d4f120892c75ec6633201825e39e3003a8b8d827053364dc444b72ff728a82381769941c023d8b0a66d955417162b735
-Size (socat-1.8.0.1.tar.gz) = 723747 bytes
+BLAKE2s (socat-1.8.0.2.tar.gz) = ef101a0bb643ddddc87396f1ca57fc30cf4b4be1113bdbb4664950e9733b3408
+SHA512 (socat-1.8.0.2.tar.gz) = c0a04e697f03da35d8c630de038e837c544e4dc77dd5bfbe73198d88b2d21727d9062114c1c50925daa264178f3317bc11c5504d1358ab7b3e8bce15e3e2dff9
+Size (socat-1.8.0.2.tar.gz) = 724311 bytes

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index