Add a patch via Debain to address:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3340 "The vulnerability is caused due to temporary files being created insecurely in the "/tmp" directory by the tuxpaint-import.sh script. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user running the affected script." Bump to nb6.
author: adrianp <adrianp@pkgsrc.org> 2006-01-17 22:48:57 +0000
committer: adrianp <adrianp@pkgsrc.org> 2006-01-17 22:48:57 +0000
commit: 3e1f5f983f1a47a97f76d773bcb598c49828a1a5 (patch)
tree: 49af2be4a6b55266919404b4413ff1c806ea6899 /graphics/tuxpaint/distinfo
parent: b3f5814d615d21d7a679eafdbc8b46c1a17fc113 (diff)
download: pkgsrc-3e1f5f983f1a47a97f76d773bcb598c49828a1a5.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/graphics/tuxpaint/distinfo b/graphics/tuxpaint/distinfo
index aca51d54741..3063ff32513 100644
--- a/graphics/tuxpaint/distinfo
+++ b/graphics/tuxpaint/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.17 2005/12/28 04:58:01 reed Exp $
+$NetBSD: distinfo,v 1.18 2006/01/17 22:48:57 adrianp Exp $
 
 SHA1 (tuxpaint-0.9.14.tar.gz) = d899f15ae348413b85e5d0cacf971db2c604b036
 RMD160 (tuxpaint-0.9.14.tar.gz) = b8bbf53eef48d17f8219ae2380e98570f574a326
 Size (tuxpaint-0.9.14.tar.gz) = 3208894 bytes
 SHA1 (patch-aa) = e2a238e16ab643a407f55e4275a5632b5cb023b2
 SHA1 (patch-ab) = 03c1aa47c90cc598081a0bf39eb0606309371d0b
+SHA1 (patch-ac) = cb75efd7b6eb9c3bb6752b4bf1d56fb5dd0fdc58
author	adrianp <adrianp@pkgsrc.org>	2006-01-17 22:48:57 +0000
committer	adrianp <adrianp@pkgsrc.org>	2006-01-17 22:48:57 +0000
commit	3e1f5f983f1a47a97f76d773bcb598c49828a1a5 (patch)
tree	49af2be4a6b55266919404b4413ff1c806ea6899 /graphics/tuxpaint/distinfo
parent	b3f5814d615d21d7a679eafdbc8b46c1a17fc113 (diff)
download	pkgsrc-3e1f5f983f1a47a97f76d773bcb598c49828a1a5.tar.gz