cvs commit: src UPDATING src/contrib/tar/src common.h extract.c
tar.c src/sys/conf newvers.sh src/sys/dev/firewire fwdev.c
Colin Percival
cperciva at FreeBSD.org
Wed Dec 6 01:16:43 PST 2006
cperciva 2006-12-06 09:16:41 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_5_5)
. UPDATING
contrib/tar/src common.h extract.c tar.c
sys/conf newvers.sh
sys/dev/firewire fwdev.c
Log:
Correct a signedness bug which allowed members of the operator
group to read kernel memory. [1]
Disable handling of GNUTYPE_NAMES tar file entries by default,
since they can be used to extract files outside of the cwd. [2]
Security: FreeBSD-SA-06:25.kmem [1]
Security: FreeBSD-SA-06:26.gtar [2]
Approved by: so (cperciva)
Revision Changes Path
1.342.2.35.2.9 +7 -0 src/UPDATING
1.2.22.1 +4 -1 src/contrib/tar/src/common.h
1.6.20.1 +8 -2 src/contrib/tar/src/extract.c
1.3.16.1 +9 -1 src/contrib/tar/src/tar.c
1.62.2.21.2.11 +1 -1 src/sys/conf/newvers.sh
1.44.2.1.4.1 +1 -1 src/sys/dev/firewire/fwdev.c
More information about the cvs-src
mailing list