head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.24 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.22 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.20 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.18 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.16 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.14 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.12 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.10 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.8 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.6 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.4 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.2 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.1.0.14 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.12 pkgsrc-2007Q1-base:1.1 pkgsrc-2006Q4:1.1.0.10 pkgsrc-2006Q4-base:1.1 pkgsrc-2006Q3:1.1.0.8 pkgsrc-2006Q3-base:1.1 pkgsrc-2006Q2:1.1.0.6 pkgsrc-2006Q2-base:1.1 pkgsrc-2006Q1:1.1.0.4 pkgsrc-2006Q1-base:1.1 pkgsrc-2005Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2007.09.04.21.11.58; author drochner; state dead; branches; next 1.1; 1.1 date 2006.01.17.22.48.57; author adrianp; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2006.01.17.22.48.57; author snj; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.03.11.03.48.05; author snj; state Exp; branches; next ; desc @@ 1.2 log @update to 0.9.17 changes: Scalable Vector Graphic (SVG) stamps, Japanese and Korean text entry, improved printing and monitor support, and stamp categories are just a few of the many improvements. @ text @$NetBSD: patch-ac,v 1.1 2006/01/17 22:48:57 adrianp Exp $ --- src/tuxpaint-import.sh.orig 2003-06-17 10:10:59.000000000 +0100 +++ src/tuxpaint-import.sh @@@@ -12,8 +12,8 @@@@ # September 21, 2002 - June 17, 2003 -TMPDIR=/tmp SAVEDIR=$HOME/.tuxpaint/saved +TMPDIR=$SAVEDIR if [ $# -eq 0 ]; then @ 1.1 log @Add a patch via Debain to address: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3340 "The vulnerability is caused due to temporary files being created insecurely in the "/tmp" directory by the tuxpaint-import.sh script. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user running the affected script." Bump to nb6. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ac was added on branch pkgsrc-2005Q4 on 2006-01-17 22:48:57 +0000 @ text @d1 14 @ 1.1.2.2 log @Pullup ticket 1203 - requested by Joerg Sonnenberger security fix for tuxpaint Revisions pulled up: - pkgsrc/graphics/tuxpaint/Makefile 1.35 - pkgsrc/graphics/tuxpaint/distinfo 1.18 - pkgsrc/graphics/tuxpaint/patches/patch-ac 1.1 Module Name: pkgsrc Committed By: adrianp Date: Tue Jan 17 22:48:57 UTC 2006 Modified Files: pkgsrc/graphics/tuxpaint: Makefile distinfo Added Files: pkgsrc/graphics/tuxpaint/patches: patch-ac Log Message: Add a patch via Debain to address: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3340 "The vulnerability is caused due to temporary files being created insecurely in the "/tmp" directory by the tuxpaint-import.sh script. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user running the affected script." Bump to nb6. @ text @a0 14 $NetBSD: patch-ac,v 1.1.2.1 2006/03/11 03:48:05 snj Exp $ --- src/tuxpaint-import.sh.orig 2003-06-17 10:10:59.000000000 +0100 +++ src/tuxpaint-import.sh @@@@ -12,8 +12,8 @@@@ # September 21, 2002 - June 17, 2003 -TMPDIR=/tmp SAVEDIR=$HOME/.tuxpaint/saved +TMPDIR=$SAVEDIR if [ $# -eq 0 ]; then @