Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/benchmarks/netperf
From: Tyler R. Retzlaff
Date: 2008-05-13 14:35:13
Message id: 20080513123513.7C5E8175D0@cvs.netbsd.org
Log Message:
pullup ticket #2374 - requested by tonnerre
netperf: fix for symlink vulnerability

revisions pulled up:
- pkgsrc/benchmarks/netperf/Makefile		1.5
- pkgsrc/benchmarks/netperf/distinfo		1.3
- pkgsrc/benchmarks/netperf/patches/patch-ah	1.1
- pkgsrc/benchmarks/netperf/patches/patch-ai	1.1
- pkgsrc/benchmarks/netperf/patches/patch-ak	1.1

   Module Name:	pkgsrc
   Committed By:	tonnerre
   Date:		Mon May 12 15:49:31 UTC 2008

   Modified Files:
   	pkgsrc/benchmarks/netperf: Makefile distinfo
   Added Files:
   	pkgsrc/benchmarks/netperf/patches: patch-ah patch-ai patch-ak

   Log Message:
   Use mkstemp in netperf code to open the debug log in order to avoid
   a symlink vulnerability. This fixes CVE-2007-1444.
Files:
RevisionActionfile
1.4.4.1modifypkgsrc/benchmarks/netperf/Makefile
1.2.6.1modifypkgsrc/benchmarks/netperf/distinfo
1.1.2.2addpkgsrc/benchmarks/netperf/patches/patch-ah
1.1.2.2addpkgsrc/benchmarks/netperf/patches/patch-ai
1.1.2.2addpkgsrc/benchmarks/netperf/patches/patch-ak