Bug 80671 - japanese/groff: Fix insecure temporary file creation vulnerabilities.
japanese/groff: Fix insecure temporary file creation vulnerabilities.
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Latest
Any Any
: Normal Affects Only Me
Assigned To: okazaki
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-05-05 19:40 UTC by koma2
Modified: 2005-05-09 08:14 UTC (History)
1 user (show)

See Also:


Attachments
file.diff (3.82 KB, patch)
2005-05-05 19:40 UTC, koma2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description koma2 2005-05-05 19:40:02 UTC
Update japanese/groff to Debian version 1.18.1.1_7.
This version contains the following vulnerability fixes:

- groffer uses temp files unsafely (CAN-2004-0969)
- pic2graph and eqn2graph are vulnerable to symlink attack 
  through temporary file (CAN-2004-1296)
Comment 1 Tilman Keskinoz freebsd_committer 2005-05-07 13:32:39 UTC
Responsible Changed
From-To: freebsd-ports-bugs->okazaki

Over to maintainer
Comment 2 okazaki freebsd_committer 2005-05-09 08:14:21 UTC
State Changed
From-To: open->closed

Committed, thanks!