Bug 80671 - japanese/groff: Fix insecure temporary file creation vulnerabilities.
Summary: japanese/groff: Fix insecure temporary file creation vulnerabilities.
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Tetsurou Okazaki
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-05-05 19:40 UTC by KOMATSU Shinichiro
Modified: 2005-05-09 08:14 UTC (History)
1 user (show)

See Also:


Attachments
file.diff (3.82 KB, patch)
2005-05-05 19:40 UTC, KOMATSU Shinichiro
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description KOMATSU Shinichiro 2005-05-05 19:40:02 UTC
Update japanese/groff to Debian version 1.18.1.1_7.
This version contains the following vulnerability fixes:

- groffer uses temp files unsafely (CAN-2004-0969)
- pic2graph and eqn2graph are vulnerable to symlink attack 
  through temporary file (CAN-2004-1296)
Comment 1 Tilman Keskinoz freebsd_committer freebsd_triage 2005-05-07 13:32:39 UTC
Responsible Changed
From-To: freebsd-ports-bugs->okazaki

Over to maintainer
Comment 2 Tetsurou Okazaki freebsd_committer freebsd_triage 2005-05-09 08:14:21 UTC
State Changed
From-To: open->closed

Committed, thanks!