This pr closes ports/122060 See changelog excerpts below. 0.1.14 beta-17 - (security) Using File::Spec->canonpath for normalization (trailing slashes) Check ownership of real directories to avoid race attacks for symlinks. Thanks to Robert Buchholz. 0.1.14 beta-16 (not released) - (security) The check for symlinked directories was half complete. perl ignores -l if the argument has a trailung slash. Thanks to Andrej Kacian.
Responsible Changed From-To: freebsd-ports-bugs->rafan I'll take it.
rafan 2008-04-06 05:00:34 UTC FreeBSD ports repository Modified files: mail/postfix-policyd-weight Makefile distinfo mail/postfix-policyd-weight/files policyd-weight.in Log: - Update to 0.1.14.17 PR: ports/122194 Submitted by: Robert Felber <robtone at ek-muc.de> (maintainer) Security: multiple working directory symlink vulnerabilities Revision Changes Path 1.14 +3 -1 ports/mail/postfix-policyd-weight/Makefile 1.13 +3 -3 ports/mail/postfix-policyd-weight/distinfo 1.4 +1 -1 ports/mail/postfix-policyd-weight/files/policyd-weight.in _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
rafan 2008-04-06 08:50:38 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: - Add entry for mail/postfix-policyd-weight PR: ports/122194 Reviewed by: ports-security (miwi) Revision Changes Path 1.1587 +29 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!