On Sun, Jul 24, 2005, Ralf S. Engelschall wrote: > On Sun, Jul 24, 2005, Matthias Kurz wrote: > > > There is something wrong. I guess with the patch, but i do not know > > the background... > > > > Well, the problem is that when a path to a file is given the result > > ends in the current dir and not in the "original" dir. > > Example: gzip /foo/bar/baz creates ./baz.gz instead of /foo/bar/baz.gz > > Yes, AFAIK this nasty semantic change is > part of the security fix corresponding to > http://www.openpkg.org/security/OpenPKG-SA-2005.009-gzip.html Hmmm... > I'm wondering how one can adjust the patch to still fix the security > issue and keep the old semantics...?
Wasn't the problem the usage of the '-N' option ? So, what is done should probably only done when '-N' was given. (mk) -- Matthias Kurz; Fuldastr. 3; D-28199 Bremen; VOICE +49 421 53 600 47 >> Im prämotorischen Cortex kann jeder ein Held sein. (bdw) << ______________________________________________________________________ The OpenPKG Project www.openpkg.org Developer Communication List openpkg-dev@openpkg.org
