pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q1]: pkgsrc/converters/uudeview Pullup ticket #2407 - requ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/49c7423171fa
branches: pkgsrc-2008Q1
changeset: 540396:49c7423171fa
user: tron <tron%pkgsrc.org@localhost>
date: Mon Jun 02 11:54:40 2008 +0000
description:
Pullup ticket #2407 - requested by dholland
Security patch for uudeview
Revisions pulled up:
- converters/uudeview/Makefile 1.28
- converters/uudeview/distinfo 1.8
- converters/uudeview/patches/patch-ac 1.5
---
Module Name: pkgsrc
Committed By: dholland
Date: Sun Jun 1 21:49:56 UTC 2008
Modified Files:
pkgsrc/converters/uudeview: Makefile distinfo
Added Files:
pkgsrc/converters/uudeview/patches: patch-ac
Log Message:
Fix insecure-temporary-files, as reported in Debian bug 480972.
PKGREVISION++.
diffstat:
converters/uudeview/Makefile | 4 +-
converters/uudeview/distinfo | 3 +-
converters/uudeview/patches/patch-ac | 42 ++++++++++++++++++++++++++++++++++++
3 files changed, 46 insertions(+), 3 deletions(-)
diffs (73 lines):
diff -r 75b5ee5ee9b1 -r 49c7423171fa converters/uudeview/Makefile
--- a/converters/uudeview/Makefile Mon Jun 02 09:42:11 2008 +0000
+++ b/converters/uudeview/Makefile Mon Jun 02 11:54:40 2008 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.27 2007/02/22 19:26:15 wiz Exp $
+# $NetBSD: Makefile,v 1.27.10.1 2008/06/02 11:54:40 tron Exp $
#
DISTNAME= uudeview-0.5.20
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= converters
MASTER_SITES= http://www.fpx.de/fp/Software/UUDeview/download/
diff -r 75b5ee5ee9b1 -r 49c7423171fa converters/uudeview/distinfo
--- a/converters/uudeview/distinfo Mon Jun 02 09:42:11 2008 +0000
+++ b/converters/uudeview/distinfo Mon Jun 02 11:54:40 2008 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.7 2005/02/23 16:12:35 agc Exp $
+$NetBSD: distinfo,v 1.7.26.1 2008/06/02 11:54:40 tron Exp $
SHA1 (uudeview-0.5.20.tar.gz) = 2c6ab7d355b545218bd0877d598bd5327d9fd125
RMD160 (uudeview-0.5.20.tar.gz) = 9bb52fa3ad4979383ff16d1e8d8a302c5c794c66
Size (uudeview-0.5.20.tar.gz) = 261574 bytes
SHA1 (patch-aa) = bf7e281b7e0e2ceae6bc8c19c9e64cdb7d5a9d64
SHA1 (patch-ab) = bdd62a84d0f62c697dd4440df861c343ffeb683a
+SHA1 (patch-ac) = 2ae6579816e2ee1273c2c8db6bf82b8954a3d16c
diff -r 75b5ee5ee9b1 -r 49c7423171fa converters/uudeview/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/converters/uudeview/patches/patch-ac Mon Jun 02 11:54:40 2008 +0000
@@ -0,0 +1,42 @@
+$NetBSD: patch-ac,v 1.4.36.1 2008/06/02 11:54:40 tron Exp $
+
+--- unix/uudeview.c.orig 2003-04-12 19:33:55.000000000 -0400
++++ unix/uudeview.c 2008-06-01 17:02:31.000000000 -0400
+@@ -31,6 +31,7 @@
+ #include <stdio.h>
+ #include <ctype.h>
+ #include <signal.h>
++#include <paths.h>
+
+ #ifdef HAVE_FCNTL_H
+ #include <fcntl.h>
+@@ -440,6 +441,7 @@
+ {
+ static char buffer[1024];
+ char *stdfile;
++ int targetfd;
+ FILE *target;
+ size_t bytes;
+ int res;
+@@ -449,11 +451,20 @@
+ return 0;
+ }
+
+- if ((stdfile = tempnam (NULL, "uu")) == NULL) {
++ if ((stdfile = strdup (_PATH_TMP "uu.XXXXXX")) == NULL) {
+ fprintf (stderr, "proc_stdin: cannot get temporary file\n");
+ return 0;
+ }
+
++ if ((targetfd = mkstemp (stdfile)) < 0) {
++ fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n",
++ stdfile, strerror (errno));
++ _FP_free (stdfile);
++ return 0;
++ }
++
++ /* file now safely exists, reopen it with the right mode */
++ close(targetfd);
+ if ((target = fopen (stdfile, "wb")) == NULL) {
+ fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n",
+ stdfile, strerror (errno));
Home |
Main Index |
Thread Index |
Old Index