80671 – japanese/groff: Fix insecure temporary file creation vulnerabilities.

Bug 80671 - japanese/groff: Fix insecure temporary file creation vulnerabilities.

Summary: japanese/groff: Fix insecure temporary file creation vulnerabilities.

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Tetsurou Okazaki

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-05-05 19:40 UTC by KOMATSU Shinichiro
Modified:	2005-05-09 08:14 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
file.diff (3.82 KB, patch) 2005-05-05 19:40 UTC, KOMATSU Shinichiro	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description KOMATSU Shinichiro 2005-05-05 19:40:02 UTC

Update japanese/groff to Debian version 1.18.1.1_7.
This version contains the following vulnerability fixes:

- groffer uses temp files unsafely (CAN-2004-0969)
- pic2graph and eqn2graph are vulnerable to symlink attack 
  through temporary file (CAN-2004-1296)

Comment 1 Tilman Keskinoz freebsd_committer

2005-05-07 13:32:39 UTC

Responsible Changed
From-To: freebsd-ports-bugs->okazaki

Over to maintainer

Comment 2 Tetsurou Okazaki freebsd_committer

2005-05-09 08:14:21 UTC

State Changed
From-To: open->closed

Committed, thanks!