11:14 AM - lha vulnerabilities
Several vulnerabilities have been found in archivers/lha. These are similar to the gzip issues found a few months back. MidnightBSD was the first to get an update into ports as OpenBSD, NetBSD's pkgsrc and FreeBSD do not have an update in cvs. Several of the linux distros beat us to it, however.
In the process, I've switched the port over to a maintained version. The original had not been updated since 2000 and had port specific patches up to two years ago. OpenBSD is using this version as well although they haven't updated to p1.
The port was a bit rushed so please report any problems with it.