Created an attachment (id=603)
dpatch to fix all insecure temporary file creations
Since the patch already existed (but was insecure as well), I replaced it with
the above one, so an interdiff looks strange. Apart from this dpatch, only the
changelog was modified:
gs-common (0.3.6ubuntu1.1) warty-security; urgency=low
.
* SECURITY UPDATE: fix multiple insecure temporary file vulnerabilities
* completely replaced original patch 01_fix_insecure_tmpfile, which changed
an insecure temporary file by a less insecure temporary directory (still
vulnerable to DOS attack)
* new patch 01_fix_insecure_tmpfile: use mktemp to properly generate
temporary files in scripts/ps2epsi and scripts/pv.sh (Warty bug #9447)
* References:
- CAN-2004-0967
- http://bugs.debian.org/278282
Created an attachment (id=603)
dpatch to fix all insecure temporary file creations
Since the patch already existed (but was insecure as well), I replaced it with
the above one, so an interdiff looks strange. Apart from this dpatch, only the
changelog was modified:
gs-common (0.3.6ubuntu1.1) warty-security; urgency=low insecure_ tmpfile, which changed insecure_ tmpfile: use mktemp to properly generate bugs.debian. org/278282
.
* SECURITY UPDATE: fix multiple insecure temporary file vulnerabilities
* completely replaced original patch 01_fix_
an insecure temporary file by a less insecure temporary directory (still
vulnerable to DOS attack)
* new patch 01_fix_
temporary files in scripts/ps2epsi and scripts/pv.sh (Warty bug #9447)
* References:
- CAN-2004-0967
- http://