git: patch - Remove RCS and SCCS auto-checkout support
Matthew Dillon
dillon at crater.dragonflybsd.org
Fri Jul 24 19:46:34 PDT 2015
commit 05172c8dd418493b9dd5ea9bf9cc684f3cf2e705
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Fri Jul 24 19:40:41 2015 -0700
patch - Remove RCS and SCCS auto-checkout support
* Remove stale RCS and SCCS support which involves the patch(1) program
constructing a system() command using filename data supplied from the
file. DragonFly deems this to be too dangerous, quoted or not.
Security: CVE-2015-1416
Reported-by: Xin Li, Martin Natano
Summary of changes:
usr.bin/patch/common.h | 2 --
usr.bin/patch/inp.c | 74 +++++---------------------------------------------
usr.bin/patch/patch.1 | 10 ++-----
3 files changed, 10 insertions(+), 76 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/05172c8dd418493b9dd5ea9bf9cc684f3cf2e705
--
DragonFly BSD source repository
More information about the Commits
mailing list