From 564ec5a0ace4d77efaa63cccd7f542a454022b6d Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Thu, 2 Aug 2018 20:12:10 +0000
Subject: Thu Aug  2 20:12:10 UTC 2018

ap/hplip-3.18.7-x86_64-1.txz:  Upgraded.
l/harfbuzz-1.8.5-x86_64-1.txz:  Upgraded.
n/lftp-4.8.4-x86_64-1.txz:  Upgraded.
  It has been discovered that lftp up to and including version 4.8.3 does
  not properly sanitize remote file names, leading to a loss of integrity
  on the local system when reverse mirroring is used. A remote attacker
  may trick a user to use reverse mirroring on an attacker controlled FTP
  server, resulting in the removal of all files in the current working
  directory of the victim's system.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10916
  (* Security fix *)
x/fonttosfnt-1.0.5-x86_64-1.txz:  Upgraded.
---
 source/n/lftp/lftp.SlackBuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source/n/lftp')

diff --git a/source/n/lftp/lftp.SlackBuild b/source/n/lftp/lftp.SlackBuild
index 81079405f..d98953be3 100755
--- a/source/n/lftp/lftp.SlackBuild
+++ b/source/n/lftp/lftp.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=lftp
 VERSION=${VERSION:-$(echo lftp-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-- 
cgit v1.2.3