Bug 75104 - [PATCH] devel/cscope: security fix CAN-2004-0996
Summary: [PATCH] devel/cscope: security fix CAN-2004-0996
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Pete Fritchman
Depends on:
Reported: 2004-12-15 12:10 UTC by Matthias Andree
Modified: 2004-12-15 16:38 UTC (History)
1 user (show)

See Also:

cscope-15.5_1.patch (2.25 KB, patch)
2004-12-15 12:10 UTC, Matthias Andree
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Andree 2004-12-15 12:10:27 UTC
(1) Apply patch (sans version bump) from cscope CVS as files/patch-ac,
to fix CAN-2004-0996 "main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack."


(2) Bump portrevision.

Added file(s):
- files/patch-ac

Port maintainer (petef@FreeBSD.org) is cc'd.

Generated with FreeBSD Port Tools 0.63
Comment 1 Pete Fritchman freebsd_committer 2004-12-15 15:46:07 UTC
Responsible Changed
From-To: freebsd-ports-bugs->petef

my port.
Comment 2 Pete Fritchman freebsd_committer 2004-12-15 16:38:02 UTC
State Changed
From-To: open->closed

Committed, thanks.