Date: Tue, 13 Jun 2000 09:39:49 -0700 (PDT) From: "David E. O'Brien" <obrien@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/ftp/wget/patches patch-ftp.c Message-ID: <200006131639.JAA46294@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
obrien 2000/06/13 09:39:49 PDT
Added files:
ftp/wget/patches patch-ftp.c
Log:
Fix chmod symlink vulnerability where when invoked with the -N option, it
tries to chmod downloaded symlinks, but actually permissions are changed at
target files. There is the potential to chmod target files to
world-writable.
Submitted by: Jun Kuriyama <kuriyama@FreeBSD.org>
Koga Youichirou <y-koga@jp.freebsd.org>
Obtained from: Const Kaplinsky <const@ce.cctpu.edu.ru> (BugTraq Feb 02, 1999)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006131639.JAA46294>