diff options
author | gjb <gjb@FreeBSD.org> | 2015-04-28 18:12:03 +0000 |
---|---|---|
committer | gjb <gjb@FreeBSD.org> | 2015-04-28 18:12:03 +0000 |
commit | e66d470bac2fe06f148f088cb0a8d26d9ecd2a90 (patch) | |
tree | 47a619b46c4abca21bb49a5a83ba4ad240fca466 | |
parent | a8eeb1fd3cf65b0855fb155b81d0e203ae3e373c (diff) | |
download | FreeBSD-src-e66d470bac2fe06f148f088cb0a8d26d9ecd2a90.zip FreeBSD-src-e66d470bac2fe06f148f088cb0a8d26d9ecd2a90.tar.gz |
Document r281936, disallow ar(1) directory traversal.
Sponsored by: The FreeBSD Foundation
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.xml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.xml b/release/doc/en_US.ISO8859-1/relnotes/article.xml index d6ca94c..f856f3b 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.xml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.xml @@ -192,6 +192,13 @@ sponsor="&limelight;">A new flag, <literal>-R</literal>, has been added to the &man.netstat.8; utility, which is used to dump <acronym>RSS</acronym>/flow information.</para> + + <para revision="281936" contrib="sponsor" sponsor="&ff;">The + &man.ar.1; utility has been updated to set + <literal>ARCHIVE_EXTRACT_SECURE_SYMLINKS</literal> and + <literal>ARCHIVE_EXTRACT_SECURE_NODOTDOT</literal> to disallow + directory traversal when extracting an archive, similar to + &man.tar.1;.</para> </sect2> <sect2 xml:id="userland-contrib"> |