Date: Fri, 11 Feb 2005 21:35:40 +0000 (UTC) From: Christian Weisgerber <naddy@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/print/enscript-letter Makefile ports/print/enscript-letter/files patch-src_gsint.h patch-src_main.c patch-src_psgen.c patch-src_util.c Message-ID: <200502112135.j1BLZe3t016901@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
naddy 2005-02-11 21:35:40 UTC
FreeBSD ports repository
Modified files:
print/enscript-letter Makefile
Added files:
print/enscript-letter/files patch-src_gsint.h patch-src_main.c
patch-src_psgen.c patch-src_util.c
Log:
Security fixes:
Erik Sjolund discovered several issues in enscript: it suffers from
several buffer overflows (CAN-2004-1186), quotes and shell escape
characters are insufficiently sanitized in filenames (CAN-2004-1185),
and it supported taking input from an arbitrary command pipe, with
unwanted side effects (CAN-2004-1184).
Obtained from: Gentoo
Revision Changes Path
1.23 +2 -1 ports/print/enscript-letter/Makefile
1.1 +15 -0 ports/print/enscript-letter/files/patch-src_gsint.h (new)
1.1 +48 -0 ports/print/enscript-letter/files/patch-src_main.c (new)
1.1 +37 -0 ports/print/enscript-letter/files/patch-src_psgen.c (new)
1.1 +82 -0 ports/print/enscript-letter/files/patch-src_util.c (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502112135.j1BLZe3t016901>