Security fix for SA17028:

"A vulnerability in Weex can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system. The vulnerability is caused due to a format string error in the "log_flush()" function when flushing an error log entry that contains format string specifiers to disk. This may be exploited to execute arbitrary code on a user's system via a directory name containing format string specifiers. Successful exploitation requires that the attacker is able to create directories within the user's Weex home directory." http://secunia.com/advisories/17028/ Patch from FreeBSD PR ports/86833.
author: salo <salo@pkgsrc.org> 2005-10-05 13:38:13 +0000
committer: salo <salo@pkgsrc.org> 2005-10-05 13:38:13 +0000
commit: 35e59726bc366261d5fd65128b426b333fd0b78f (patch)
tree: 6bc69002f879a85ecad4ea5595251765034f0d36 /www/weex/Makefile
parent: 5c11268df7a1edc65c6fe94d70f29b8e933390d7 (diff)
download: pkgsrc-35e59726bc366261d5fd65128b426b333fd0b78f.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/www/weex/Makefile b/www/weex/Makefile
index b8df83b0d27..ada39182662 100644
--- a/www/weex/Makefile
+++ b/www/weex/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.8 2005/06/17 04:49:49 jlam Exp $
+# $NetBSD: Makefile,v 1.9 2005/10/05 13:38:13 salo Exp $
 
 DISTNAME=	weex-2.6.1
+PKGREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	http://www.enjoy.ne.jp/~gm/program/weex/arc/
author	salo <salo@pkgsrc.org>	2005-10-05 13:38:13 +0000
committer	salo <salo@pkgsrc.org>	2005-10-05 13:38:13 +0000
commit	35e59726bc366261d5fd65128b426b333fd0b78f (patch)
tree	6bc69002f879a85ecad4ea5595251765034f0d36 /www/weex/Makefile
parent	5c11268df7a1edc65c6fe94d70f29b8e933390d7 (diff)
download	pkgsrc-35e59726bc366261d5fd65128b426b333fd0b78f.tar.gz