Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id 4197B63B883 for ; Thu, 12 Aug 2010 17:54:16 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 0) id DB8CE63B101; Thu, 12 Aug 2010 17:54:15 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 0108163B100 for ; Thu, 12 Aug 2010 17:54:14 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id D6440175DD; Thu, 12 Aug 2010 17:54:14 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain Date: Thu, 12 Aug 2010 17:54:14 +0000 From: Zafer Aydogan Subject: CVS commit: pkgsrc/net/socat To: pkgsrc-changes@NetBSD.org Reply-To: zafer@netbsd.org X-Mailer: log_accum Message-Id: <20100812175414.D6440175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: list Module Name: pkgsrc Committed By: zafer Date: Thu Aug 12 17:54:14 UTC 2010 Modified Files: pkgsrc/net/socat: Makefile distinfo Log Message: Update socat to 1.7.1.3 Changelog: security: fixed a stack overflow vulnerability that occurred when command line arguments (whole addresses, host names, file names) were longer than 512 bytes. Note that this could only be exploited when an attacker was able to inject data into socat's command line. Full credits to Felix Grobert, Google Security Team, for finding and reporting this issue To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 pkgsrc/net/socat/Makefile cvs rdiff -u -r1.14 -r1.15 pkgsrc/net/socat/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.