Bug 80671 - japanese/groff: Fix insecure temporary file creation vulnerabilities.
japanese/groff: Fix insecure temporary file creation vulnerabilities.
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Any Any
: Normal Affects Only Me
Assigned To: okazaki
Depends on:
  Show dependency treegraph
Reported: 2005-05-05 19:40 UTC by koma2
Modified: 2005-05-09 08:14 UTC (History)
1 user (show)

See Also:

file.diff (3.82 KB, patch)
2005-05-05 19:40 UTC, koma2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description koma2 2005-05-05 19:40:02 UTC
Update japanese/groff to Debian version
This version contains the following vulnerability fixes:

- groffer uses temp files unsafely (CAN-2004-0969)
- pic2graph and eqn2graph are vulnerable to symlink attack 
  through temporary file (CAN-2004-1296)
Comment 1 Tilman Keskinoz freebsd_committer 2005-05-07 13:32:39 UTC
Responsible Changed
From-To: freebsd-ports-bugs->okazaki

Over to maintainer
Comment 2 okazaki freebsd_committer 2005-05-09 08:14:21 UTC
State Changed
From-To: open->closed

Committed, thanks!