[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-devel:10494] Re: Uploaded man-db-ja 2.3.10-69FIX.1 (source i386) to master-jp

From: Fumitoshi UKAI <ukai@debian.or.jp>
Subject: [debian-devel:10494] Re: Uploaded man-db-ja 2.3.10-69FIX.1 (source i386) to master-jp
Date: Fri, 1 Oct 1999 03:29:59 +0900
Organization: Debian JP Project
X-ml-info: If you have a question, send a mail with the body "# help" (without quotes) to the address debian-devel-ctl@debian.or.jp; help=<mailto:debian-devel-ctl@debian.or.jp?body=help>
X-ml-name: debian-devel
X-mlserver: fml [fml 2.2]; post only (only members can post)
X-sender: ukai@xxxxxxxxxxxxxxxxx
References: <199909301746.CAA30810@lists.debian.or.jp>
Message-id: <14323.44018.163633.61791G@lavender>
X-mail-count: 10494
User-agent: Wanderlust/2.2.2 (You Could Be Mine) SEMI/1.13.6 (Komatsu) FLIM/1.13.2 (Kasanui) Emacs/20.3 (i386-debian-linux-gnu) MULE/4.0 (HANANOEN)

well known な security hole をそのままにしておきすぎなので
NMU しておきます。確認よろしく

-- 
鵜飼文敏

At Fri, 1 Oct 1999 02:47:00 +0900,
ukai@debian.or.jp wrote:
 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Format: 1.5
> Date: Thu, 30 Sep 1999 15:50:36 +0900
> Source: man-db-ja
> Binary: man-db-ja
> Architecture: source i386
> Version: 2.3.10-69FIX.1
> Distribution: stable
> Urgency: low
> Maintainer: Fumitoshi UKAI <ukai@debian.or.jp>
> Description: 
>  man-db-ja  - Display the on-line manual (JAPANESE EXTENDED).
> Changes: 
>  man-db-ja (2.3.10-69FIX.1) stable; urgency=low
>  .
>    * In man-db -69FIX.1:
>     * Added unlink of temporary file between call to tempnam and open to
>       reduce (without completely avoiding it) the possibility that a
>       malicious user puts a dangling symlink to let man leave a file
>       (with a manpage inside :-) in places different that the temporary
>       directory. Not a security risk at all, IMO.
>     * Added secure open of temporary file in zsoelim.l , thanx to
>       Marc Heuse <marc@xxxxxxx>. The code was not secure against a
>       symlink attack. This didn't affect 'man', which does not excute
>       that part of the code, but only manual execution of zsoelim.
>    * In man-db -69:	(Sun, 29 Nov 1998 01:01:54 +0200)
>     * Corrected wrong set of terminal modes even when "not-a-tty".
>       (thanx to Alessandro Rubini for the report)
> Files: 
>  b1a44999a8f76c4a3869f3b39a0a264f 653 doc important man-db-ja_2.3.10-69FIX.1.dsc
>  c7f252520b74256f992931bfd1f23b32 199137 doc important man-db-ja_2.3.10-69FIX.1.diff.gz
>  1f51b7ae0524439c301602ff0696a7dc 305698 doc important man-db-ja_2.3.10-69FIX.1_i386.deb
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3ia
> Charset: noconv
> 
> iQCVAwUBN/MMgM9xwSV+IhjlAQH1zgP+NkLtnJJvv04SDPS3zYZLa3ppVmEtyIHw
> FUcdVYVyq6X3lJNnt0ZUtPjdg/ZUjtxU1eAFUvZeC31qUA00K/zZKIIoQ8v0BNdm
> vM4bOTisz/808P6+VcTo5t1T0FRMGGkzFcyvw/Oq2lz6gaC/IbwiwQ3zgnfcSnZO
> 3HCKsiFvC6Y=
> =mv4p
> -----END PGP SIGNATURE-----
>

References:
- [debian-devel:10490] Uploaded man-db-ja 2.3.10-69FIX.1 (source i386) to master-jp
  - From: Fumitoshi UKAI

Prev by Date: [debian-devel:10493] Re: indices-jp/Maintainers cleanup
Next by Date: [debian-devel:10495] New Debian JP Packages
Previous by thread: [debian-devel:10490] Uploaded man-db-ja 2.3.10-69FIX.1 (source i386) to master-jp
Next by thread: [debian-devel:10491] Re: indices-jp/Maintainers cleanup
Index(es):
- Date
- Thread