diff options
author | Tobias C. Berner <tcberner@FreeBSD.org> | 2016-08-30 18:10:34 +0000 |
---|---|---|
committer | Tobias C. Berner <tcberner@FreeBSD.org> | 2016-08-30 18:10:34 +0000 |
commit | ab5ae0addbad15577a42f27263c6cf9d8f386362 (patch) | |
tree | 6b05ecb691d1d084c5dca6f45399e367d8d8369e /net/ssltunnel-server | |
parent | 9c1cc584947f5078cfb37a3e07f2431a5b67467f (diff) | |
download | ports-ab5ae0addbad15577a42f27263c6cf9d8f386362.tar.gz ports-ab5ae0addbad15577a42f27263c6cf9d8f386362.zip |
MFH: r420994
Add upstream patch for a security issue in karchive:
Directory traversal vulnerability in KArchive before 5.24, as
used in KDE Frameworks, allows remote attackers to write to
arbitrary files via a ../ (dot dot slash) in a filename in an
archive file, related to KNewsstuff downloads.
Review the patch is from: https://git.reviewboard.kde.org/r/128749/
Original KF5 review: https://git.reviewboard.kde.org/r/128185/
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6232
Approved by: rakuco (mentor)
Security: 4472ab39-6c66-11e6-9ca5-50e549ebab6c, CVE-2016-6232
Approved by: ports-secteam (junovitch), rakuco (mentor)
Notes
Notes:
svn path=/branches/2016Q3/; revision=421128
Diffstat (limited to 'net/ssltunnel-server')
0 files changed, 0 insertions, 0 deletions