head	1.1;
access;
symbols
	RELEASE_8_3_0:1.1
	RELEASE_9_0_0:1.1
	RELEASE_7_4_0:1.1
	RELEASE_8_2_0:1.1
	RELEASE_6_EOL:1.1
	RELEASE_8_1_0:1.1
	RELEASE_7_3_0:1.1
	RELEASE_8_0_0:1.1
	RELEASE_7_2_0:1.1
	RELEASE_7_1_0:1.1
	RELEASE_6_4_0:1.1
	RELEASE_5_EOL:1.1
	RELEASE_7_0_0:1.1
	RELEASE_6_3_0:1.1
	PRE_XORG_7:1.1
	RELEASE_4_EOL:1.1
	RELEASE_6_2_0:1.1
	RELEASE_6_1_0:1.1
	RELEASE_5_5_0:1.1
	RELEASE_6_0_0:1.1
	RELEASE_5_4_0:1.1
	RELEASE_4_11_0:1.1
	RELEASE_5_3_0:1.1;
locks; strict;
comment	@# @;


1.1
date	2004.05.03.14.31.41;	author dinoex;	state Exp;
branches;
next	;


desc
@@


1.1
log
@- Security Fix: symlink vulnerability
patch from:
ftp://updates.redhat.com/9/en/os/SRPMS/lha-1.14i-9.1.src.rpm"
@
text
@--- src/lhext.c.symlink	2000-10-04 10:57:38.000000000 -0400
+++ src/lhext.c	2003-05-19 22:55:57.000000000 -0400
@@@@ -351,6 +351,7 @@@@ extract_one(afp, hdr)
 				}
 
 				unlink(bb1);
+				make_parent_path(bb1);
 				l_code = symlink(bb2, bb1);
 				if (l_code < 0) {
 					if (quiet != TRUE)
@
