cvs commit: ports/print/enscript-letter Makefile
ports/print/enscript-letter/files
patch-src_gsint.h patch-src_main.c patch-src_psgen.c
patch-src_util.c
Christian Weisgerber
naddy at FreeBSD.org
Fri Feb 11 13:35:41 PST 2005
naddy 2005-02-11 21:35:40 UTC
FreeBSD ports repository
Modified files:
print/enscript-letter Makefile
Added files:
print/enscript-letter/files patch-src_gsint.h patch-src_main.c
patch-src_psgen.c patch-src_util.c
Log:
Security fixes:
Erik Sjolund discovered several issues in enscript: it suffers from
several buffer overflows (CAN-2004-1186), quotes and shell escape
characters are insufficiently sanitized in filenames (CAN-2004-1185),
and it supported taking input from an arbitrary command pipe, with
unwanted side effects (CAN-2004-1184).
Obtained from: Gentoo
Revision Changes Path
1.23 +2 -1 ports/print/enscript-letter/Makefile
1.1 +15 -0 ports/print/enscript-letter/files/patch-src_gsint.h (new)
1.1 +48 -0 ports/print/enscript-letter/files/patch-src_main.c (new)
1.1 +37 -0 ports/print/enscript-letter/files/patch-src_psgen.c (new)
1.1 +82 -0 ports/print/enscript-letter/files/patch-src_util.c (new)
More information about the cvs-ports
mailing list