Summary: | insecure file handling in net/GeoIP
---|---
Product: | Ports & Packages
Reporter: | matorola
Component: | Individual Port(s)
Assignee: | Michael Scheidell <scheidell>
Status: | Closed FIXED
Severity: | Affects Only Me
Priority: | Normal
Version: | Latest
Hardware: | Any
OS: | Any
Description
matorola
2010-04-06 10:50:02 UTC
Responsible Changed From-To: freebsd-ports-bugs->dhn

Fix synopsis and assign.

Responsible Changed From-To: dhn->pgollucci

committer&maintainer timeout (dhn ; 678 days) / last commit: 1 days ago

Responsible Changed From-To: pgollucci->freebsd-ports-bugs

With bugmeister hat, return to pool due to assignee ENOTIME. Note that this PR was already available for commit via maintainer-timeout.

Responsible Changed From-To: freebsd-ports-bugs->scheidell

I'll take it.

Anatoly: Sorry this got lost in the shuffle, how do you feel about my solution?
uses no tmp files, just pipes.
honors make.conf env variable DATADIR anyway.
(note, this patch is against version 1.4.8, which was updated since your pr of 2 years ago)

--
Michael Scheidell, CTO
SECNAP Network Security Corporation
http://people.freebsd.org/~scheidell

State Changed From-To: open->feedback

Ask for maintainer approval.

Michael,

On Wed, Jul 4, 2012 at 5:18 AM, Michael Scheidell <scheidell@freebsd.org> wrote:
> Anatoly: Sorry this got lost in the shuffle, how do you feel about my solution?
> uses no tmp files, just pipes.
> honors make.conf env variable DATADIR anyway.
> (note, this patch is against version 1.4.8, which was updated since your pr of 2 years ago)

I'm ok with your proposal fix, but it would be nice to also have a check for return code of fetch, so we accidentally not overwrite a good/consistent GeoIP.dat

Thanks!
Didn't make it to bug-followup, so forwarding it

-------- Original Message --------
Subject: Re: ports/145425: insecure file handling in net/GeoIP
Date: Wed, 4 Jul 2012 06:54:13 +0200
From: Dennis Herrmann <dhn@FreeBSD.org>
To: <scheidell@FreeBSD.org>

scheidell@FreeBSD.org writes:
> Synopsis: insecure file handling in net/GeoIP
>
> State-Changed-From-To: open->feedback
> State-Changed-By: scheidell
> State-Changed-When: Wed Jul 4 01:19:05 UTC 2012
> State-Changed-Why:
> Ask for maintainer approval.
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=145425
>

Yeah looks good ;) approve!

-dhn

State Changed From-To: feedback->closed

Committed. Thanks!

scheidell 2012-07-04 11:22:49 UTC

FreeBSD ports repository

Modified files: net/GeoIP Makefile
Added files: net/GeoIP/files geoipupdate.sh.in
Removed files: net/GeoIP/files geoipupdate.sh

Log:
- Fix insecure handling of GeoIP download file
- Bump PORTREVISION since we change package

PR: ports/145425
Submitted by: anatoly pugachev <matorola@gmail.com>
Approved by: dhn@ (maintainer)

Revision | Changes | Path
---|---|---
1.54 | +4 -2 | ports/net/GeoIP/Makefile
1.4 | +0 -5 | ports/net/GeoIP/files/geoipupdate.sh (dead)
1.1 | +2 -0 | ports/net/GeoIP/files/geoipupdate.sh.in (new)
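
The two points raised in this thread (no predictable temporary file, and a check of fetch's return code before GeoIP.dat is overwritten) can be combined as in the following added sketch, which is not the committed geoipupdate.sh.in (that file is not shown on this page). The names `fetch_db` and `update_geoip`, the `GEOIP_URL` placeholder and the default `DATADIR` path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; not the port's geoipupdate.sh.in.
# GEOIP_URL is a placeholder and the DATADIR default is an assumption.
GEOIP_URL=${GEOIP_URL:-"https://mirror.example.invalid/GeoIP.dat.gz"}
DATADIR=${DATADIR:-/usr/local/share/GeoIP}

# Write the compressed database to stdout. Kept in a function so the
# downloader can be swapped; fetch(1) "-o -" writes to standard output.
fetch_db() {
    fetch -q -o - "$1"
}

# update_geoip URL DIR: replace DIR/GeoIP.dat only after a clean download.
update_geoip() {
    url=$1
    dir=$2
    # mktemp(1) creates the file exclusively, mode 0600, under an
    # unpredictable name, so a pre-planted file or symlink is never followed.
    # Staging inside DIR keeps the final mv a same-filesystem rename(2).
    stage=$(mktemp "$dir/GeoIP.dat.XXXXXX") || return 1

    # A pipeline reports only gunzip's status, so fetch's status is passed
    # out on fd 3 and captured by the command substitution.
    fetch_rc=$( { { fetch_db "$url" && echo 0 >&3 || echo "$?" >&3; } |
        gunzip -c >"$stage"; } 3>&1 ) && gunzip_rc=0 || gunzip_rc=$?

    if [ "$fetch_rc" != 0 ] || [ "$gunzip_rc" != 0 ] || [ ! -s "$stage" ]; then
        rm -f "$stage"      # keep the existing, consistent GeoIP.dat
        return 1
    fi
    chmod 644 "$stage" && mv -f "$stage" "$dir/GeoIP.dat"
}

# Run the update only when invoked as: script update
if [ "${1:-}" = update ]; then
    update_geoip "$GEOIP_URL" "$DATADIR"
fi
```

A plain `fetch ... | gunzip > GeoIP.dat` pipeline truncates the target before any data arrives, which is why the data is staged and renamed only after both status checks pass.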