[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

math/graphviz: New license and unsafe use of tmp files.




December 2004 Graphviz changed their license to Common Public License (CPL), as may be seen: http://www.graphviz.org/News.php This should make it less of a hassle to install it as it should not be needed to manually agree to the (now old) license when building the port.

Graphviz uses tmp files in an unsafe way, and from the advisory
it seems the OpenBSD version might be vulnerable as well:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2965

/Sigfred



Visit your host, monkey.org