Author: gjb
Date: Tue Apr 28 18:12:03 2015
New Revision: 282194
URL: https://svnweb.freebsd.org/changeset/base/282194
Log:
Document r281936, disallow ar(1) directory traversal.
Sponsored by: The FreeBSD Foundation
Modified:
stable/10/release/doc/en_US.ISO8859-1/relnotes/article.xml
Modified: stable/10/release/doc/en_US.ISO8859-1/relnotes/article.xml
==============================================================================
--- stable/10/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Apr 28
18:12:01 2015 (r282193)
+++ stable/10/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Apr 28
18:12:03 2015 (r282194)
@@ -192,6 +192,13 @@
sponsor="&limelight;">A new flag, <literal>-R</literal>, has
been added to the &man.netstat.8; utility, which is used to
dump <acronym>RSS</acronym>/flow information.</para>
+
+ <para revision="281936" contrib="sponsor" sponsor="&ff;">The
+ &man.ar.1; utility has been updated to set
+ <literal>ARCHIVE_EXTRACT_SECURE_SYMLINKS</literal> and
+ <literal>ARCHIVE_EXTRACT_SECURE_NODOTDOT</literal> to disallow
+ directory traversal when extracting an archive, similar to
+ &man.tar.1;.</para>
</sect2>
<sect2 xml:id="userland-contrib">
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
