[MacPorts] #47050: pass @1.6.3 update to 1.6.5

Sat Mar 7 16:22:39 PST 2015

#47050: pass @1.6.3 update to 1.6.5
----------------------+--------------------------
  Reporter:  edwin@…  |      Owner:  ryandesign@…
      Type:  update   |     Status:  assigned
  Priority:  Normal   |  Milestone:
 Component:  ports    |    Version:  2.3.3
Resolution:           |   Keywords:  haspatch
      Port:  pass     |
----------------------+--------------------------

Comment (by john@…):

 Note that pass is invoking `mktemp`, `gpg2`, `srm`, etc at ''run-time'',
 and will pick whatever happens to come first in the user's `$PATH`. This
 could be a problem if there's something unexpected in there that happens
 to share a name with one of the above, either maliciously or just through
 unfortunate coincidence.

 I don't think there's anything that MacPorts can do about this; as far as
 I know the 'sanitization' you refer to only happens at install-time.

-- 
Ticket URL: <https://trac.macports.org/ticket/47050#comment:6>
MacPorts <https://www.macports.org/>
Ports system for OS X