From owner-cvs-all  Sat Apr 29 23:22:36 2000
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 82D4F37B627; Sat, 29 Apr 2000 23:22:22 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
Received: from localhost (kris@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id XAA05958;
	Sat, 29 Apr 2000 23:22:22 -0700 (PDT)
	(envelope-from kris@FreeBSD.org)
X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs
Date: Sat, 29 Apr 2000 23:22:22 -0700 (PDT)
From: Kris Kennaway <kris@FreeBSD.org>
To: Chris Piazza <cpiazza@FreeBSD.org>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: ports/audio/gnapster Makefile ports/audio/gnapster/files
         md5 ports/audio/gnapster/pkg DESCR
In-Reply-To: <200004300444.VAA96941@freefall.freebsd.org>
Message-ID: <Pine.BSF.4.21.0004292321330.4634-100000@freefall.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 29 Apr 2000, Chris Piazza wrote:

>   It is highly recommended that people upgrade to this
>   version.

From the ChangeLog:

 * Security hole fixed that allowed users to view arbitrary files

this is "arbitrary" in the sense of "anything the user can read" since
gnapster is not setuid.

Kris

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message