reverted: --- checkinstall-1.6.1/debian/dirs +++ checkinstall-1.6.1.orig/debian/dirs @@ -1,2 +0,0 @@ -usr/bin -usr/sbin diff -u checkinstall-1.6.1/debian/control checkinstall-1.6.1/debian/control --- checkinstall-1.6.1/debian/control +++ checkinstall-1.6.1/debian/control @@ -4,13 +4,14 @@ Maintainer: Ubuntu MOTU Developers XSBC-Original-Maintainer: Felipe Sateler Build-Depends: debhelper (>= 4.0.0), gettext, docbook-to-man, libc6-dev (>= 2.5) [!alpha !ia64 !kfreebsd-i386 !kfreebsd-amd64 !hurd-i386], libc6.1-dev (>= 2.5) [alpha ia64] -Standards-Version: 3.7.2 -XS-Vcs-Svn: svn://svn.debian.org/collab-maint/ext-maint/checkinstall -XS-Vcs-Browser: http://svn.debian.org/wsvn/collab-maint/ext-maint/checkinstall/?rev=0&sc=0 +Standards-Version: 3.8.0 +Vcs-Svn: svn://svn.debian.org/collab-maint/ext-maint/checkinstall +Vcs-Browser: http://svn.debian.org/wsvn/collab-maint/ext-maint/checkinstall/?rev=0&sc=0 +Homepage: http://asic-linux.com.mx/~izto/checkinstall/ Package: checkinstall Architecture: any -Depends: ${shlibs:Depends}, file, findutils (>= 4.2), make +Depends: ${shlibs:Depends}, file, findutils (>= 4.2), dpkg-dev, make Suggests: gettext Replaces: installwatch Conflicts: installwatch @@ -24,2 +25 @@ - . - Homepage: http://asic-linux.com.mx/~izto/checkinstall/ + diff -u checkinstall-1.6.1/debian/changelog checkinstall-1.6.1/debian/changelog --- checkinstall-1.6.1/debian/changelog +++ checkinstall-1.6.1/debian/changelog @@ -1,3 +1,34 @@ +checkinstall (1.6.1-7ubuntu1) intrepid; urgency=low + + * Merge from debian unstable, remaining changes (LP: #243132): + - Use /usr/bin/which instead of which. + - add make to Depends, checkinstall doesn't work without it. + - Modify Maintainer value to match Debian-Maintainer-Field Spec + + -- Nathan Handler Thu, 10 Jul 2008 13:44:30 -0500 + +checkinstall (1.6.1-7) unstable; urgency=high + + * Use mktemp instead of awk magic to create temporary directories. + The original implementation had a race condition that allowed for a + symlink attack. This is security related, so set urgency to high. + + -- Felipe Sateler Wed, 25 Jun 2008 23:58:05 -0400 + +checkinstall (1.6.1-6) unstable; urgency=low + + * Use the new Vcs-* fields. + * Do not ship empty directories. + * Use $(MAKE) instead of make in the makefile + * Support Provides: field in debian. + * Depend on dpkg-dev, since we use dpkg-architecture + (Closes: #484828) + * Move url to the Homepage field. + * Convert debian/copyright to UTF-8. + * Bump standards version to 3.8.0 (no changes needed). + + -- Felipe Sateler Thu, 12 Jun 2008 08:57:53 -0400 + checkinstall (1.6.1-5ubuntu1) hardy; urgency=low * Merge from Debian unstable. Remaining Ubuntu changes: diff -u checkinstall-1.6.1/debian/checkinstall.sgml checkinstall-1.6.1/debian/checkinstall.sgml --- checkinstall-1.6.1/debian/checkinstall.sgml +++ checkinstall-1.6.1/debian/checkinstall.sgml @@ -237,7 +237,7 @@ - Features provided by this package (currently only on RPM). + Features provided by this package (currently only on RPM and Deb). diff -u checkinstall-1.6.1/debian/copyright checkinstall-1.6.1/debian/copyright --- checkinstall-1.6.1/debian/copyright +++ checkinstall-1.6.1/debian/copyright @@ -3,7 +3,7 @@ It was downloaded from http://asic-linux.com.mx/~izto/checkinstall/ -Copyright (c) 2002-2006 Felipe Eduardo Sánchez Díaz Durán +Copyright (c) 2002-2006 Felipe Eduardo SÃ¡nchez DÃaz DurÃ¡n License: diff -u checkinstall-1.6.1/checkinstall checkinstall-1.6.1/checkinstall --- checkinstall-1.6.1/checkinstall +++ checkinstall-1.6.1/checkinstall @@ -965,16 +965,8 @@ # Find a safe TMP_DIR -TMP_DIR=${BASE_TMP_DIR}/`awk 'BEGIN { srand(); for (i=1;i<22;i++) { a=95; while (a > 90 && a < 97) { a=65+int(50*rand())}; printf("%c", a) } }'` -[ -e "$TMP_DIR" ] && rm -rf $TMP_DIR -if [ -e "$TMP_DIR" ]; then - echo - echog "My temp dir exists already.\nThis looks like a symlink attack!" - echo - echog "*** Aborting" - echo - exit 1 -fi +TMP_DIR=`mktemp -q -d -p "${BASE_TMP_DIR}"` +RETURN=$? if [ "$TMP_DIR" = "$BASE_TMP_DIR" -o "$TMP_DIR" = "/" ]; then echo @@ -985,11 +977,6 @@ exit 1 fi - -mkdir $TMP_DIR -chmod 700 $TMP_DIR -RETURN=$? - if [ $RETURN -gt 0 ]; then echo echog "**** Failed to create temp dir! \n**** Do you have write permission for %s? \n\n**** Aborting installation." "$BASE_TMP_DIR" @@ -1300,7 +1287,8 @@ echog "8 - Source location: [ %s ]" "$SOURCE" echog "9 - Alternate source location: [ %s ]" "$ALTSOURCE" echog "10 - Requires: [ %s ]" "$REQUIRES" - [ "$CK_REDHAT" ] && echog "11 - Provides: [ %s ]" "$PROVIDES" + [ "$CK_REDHAT" -o "$CK_DEBIAN" ] && \ + echog "11 - Provides: [ %s ]" "$PROVIDES" echo @@ -2423,6 +2411,7 @@ Architecture: $ARCHITECTURE Version: ${VERSION}-${RELEASE} Depends: $REQUIRES +Provides: $PROVIDES Description: $SUMMARY EOF only in patch2: unchanged: --- checkinstall-1.6.1.orig/Makefile +++ checkinstall-1.6.1/Makefile @@ -19,11 +19,11 @@ ;; \ esac ; \ done - make -C installwatch-0.7.0beta5 + $(MAKE) -C installwatch-0.7.0beta5 install: all export - make -C installwatch-0.7.0beta5 install + $(MAKE) -C installwatch-0.7.0beta5 install mkdir -p $(BINDIR) install checkinstall makepak $(BINDIR) @@ -58,4 +58,4 @@ for file in locale/checkinstall-*.mo ; do \ rm -f $${file} ; \ done - make -C installwatch-0.7.0beta5 clean + $(MAKE) -C installwatch-0.7.0beta5 clean only in patch2: unchanged: --- checkinstall-1.6.1.orig/installwatch-0.7.0beta5/installwatch +++ checkinstall-1.6.1/installwatch-0.7.0beta5/installwatch @@ -74,30 +74,7 @@ local mkt_refdir=$1 local mkt_wrkdir="" - mkt_wrkdir=${BASE_TMP_DIR}/\ -`awk 'BEGIN {\ - srand();\ - for (i=1;i<21;i++) {\ - a=95;\ - while (a > 90 && a < 97) {\ - a=65+int(50*rand())\ - };\ - printf("%c", a) \ - }\ -}'` - - [ -e "${mkt_wrkdir}" ] && rm -rf ${mkt_wrkdir} - if [ -e "${mkt_wrkdir}" ]; then - echo - echo "Error : My temp dir exists already. This looks like a symlink attack!" - echo - echo "*** Aborting ***" - echo - exit 1 - fi - - mkdir ${mkt_wrkdir} - chmod 0700 ${mkt_wrkdir} + mkt_wrkdir=`mktemp -q -d -p ${BASE_TMP_DIR}` eval $mkt_refdir=\$mkt_wrkdir }