cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
662deeaedb
openbsd-ports/lang
History
brad 0da69615f6 Fix security issue with Python 2.1/2.2 
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.

By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.

http://python.org/sf/590294
http://python.org/sf/601077
2002-10-08 02:52:25 +00:00
..
camlp4 Stub out camlp4, which has been included in ocaml. 2002-08-25 20:55:49 +00:00
clisp Drop maintainership, follow-up ? 2002-09-15 11:46:09 +00:00
egcs non-insane name for libstdc++. 2002-10-05 09:40:58 +00:00
erlang Add missing RCS Id. 2002-04-07 01:54:47 +00:00
expect oops, the expect man page shouldn't be here. 2002-07-22 23:54:52 +00:00
ezm3 Don't depend on X11; prodded by wcobb@ 2002-09-07 14:02:35 +00:00
gawk remove NEED_VERSION from my remaining ports 2002-09-17 15:22:26 +00:00
Gofer Add missing RCS Id. 2002-04-07 01:54:47 +00:00
guavac o redo patches for modern day naming conventions 2002-09-19 22:29:36 +00:00
guile More MASTER_SITES_SUBDIR out 2002-05-13 23:31:24 +00:00
hugs Hugs 98, from maintainer. 2002-04-27 06:16:18 +00:00
icon Add missing RCS Id. 2002-04-07 01:54:47 +00:00
intel2gas better 2002-03-02 19:38:04 +00:00
jikes Turn off PERMIT_*_CDROM after jsyn discovered a bizarre indemnity clause 2002-09-18 15:39:57 +00:00
kaffe md5->distinfo 2002-03-21 20:20:41 +00:00
klone Bump NEED_VERSION 2002-03-21 21:09:16 +00:00
libgcj Add missing RCS Id. 2002-04-07 01:54:47 +00:00
librep not for static arches (otherwise even configure complains & exits) 2002-09-24 07:35:13 +00:00
lua Bump NEED_VERSION 2002-03-21 21:09:16 +00:00
mawk remove myself as MAINTAINER from a number of ports that I don't use anymore, don't want to maintain, etc. 2002-07-30 14:36:49 +00:00
ocaml oups, this was a new file 2002-09-16 18:55:04 +00:00
otcl add minor number to sharedlib, ok espie@ 2002-03-27 13:29:15 +00:00
pm3 Bump NEED_VERSION 2002-03-21 21:09:16 +00:00
python Fix security issue with Python 2.1/2.2 2002-10-08 02:52:25 +00:00
ruby Fix tk flavor (noticed by Jim Geovedi) 2002-09-20 14:58:38 +00:00
scheme-report Bump NEED_VERSION 2002-03-21 21:09:16 +00:00
scm Bump NEED_VERSION 2002-03-21 21:09:16 +00:00
smlnj Remove some shit, thx Nikolai 2002-06-30 16:06:12 +00:00
squeak - workaround for powerpc suggested by espie 2002-03-25 01:00:53 +00:00
STk md5->distinfo 2002-03-21 20:20:41 +00:00
tcl More MASTER_SITES_SUBDIR out 2002-05-13 23:31:24 +00:00
unicon not for powerpc, this hangs in the build so mark it as such for now; ok espie 2002-09-09 16:07:10 +00:00
Makefile Stub out camlp4, which has been included in ocaml. 2002-08-25 20:55:49 +00:00