Subject: CVS commit: pkgsrc/textproc/antiword
From: Lubomir Sedlacik
Date: 2006-01-23 15:23:56
Message id: 20060123142356.4CFD12DA27@cvs.netbsd.org
Log Message:
Security fix for CVE-2005-3126:

"The kantiword script in antiword allow local users to overwrite arbitrary
files via a symlink attack on temporary output and error files."

Replace the naive mktemp usage with something that actually works.
Files:
RevisionActionfile
1.18modifypkgsrc/textproc/antiword/Makefile
1.17modifypkgsrc/textproc/antiword/distinfo
1.11addpkgsrc/textproc/antiword/patches/patch-ab