#2239: patch-2.5.9
--------------------+-------------------------------------------------------
Reporter: ABCD | Owner: [EMAIL PROTECTED]
Type: task | Status: new
Priority: normal | Milestone: 7.0
Component: Book | Version: SVN
Severity: normal | Keywords:
--------------------+-------------------------------------------------------
Comment(by [EMAIL PROTECTED]):
The mkstemp patch is not from upstream and is disputed by the maintainer,
saying that mktemp is being used correctly. The fixes patch is from
upstream, and fixes a dos2unix bug that is not present in patch-2.5.4.
Patch-2.5.4 has a 'patch -V foo' bounds checking bug, which causes a
segfault, and is fixed in 2.5.9. If LFS bumps to 2.5.9, I suggest only
using the fixes patch. If LFS stays with 2.5.4, the -V bug is not known to
be exploitable but is one of the reasons that most distributions have
bumped to 2.5.9.
--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/2239#comment:9>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.
--
http://linuxfromscratch.org/mailman/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/lfs/faq.html
Unsubscribe: See the above information page
