+* Noteworthy changes in release 9.5 (2024-03-28) [stable] + +** Bug fixes + + chmod -R now avoids a race where an attacker may replace a traversed file + with a symlink, causing chmod to operate on an unintended file. + [This bug was present in "the beginning".]
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c6b401ac90deb03374def0d840e944e4f9eaad9 commit 0c6b401ac90deb03374def0d840e944e4f9eaad9 Author: Sam James <sam@gentoo.org> AuthorDate: 2024-03-28 16:36:49 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-03-28 16:36:49 +0000 sys-apps/coreutils: add 9.5, drop 9.4_p20240326 Bug: https://bugs.gentoo.org/928062 Signed-off-by: Sam James <sam@gentoo.org> sys-apps/coreutils/Manifest | 4 ++-- .../{coreutils-9.4_p20240326.ebuild => coreutils-9.5.ebuild} | 0 2 files changed, 2 insertions(+), 2 deletions(-)