Comment 9 for bug 9816

Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Tue, 2 Nov 2004 19:28:48 +0100
From: Martin Schulze <email address hidden>
To: Martin Michlmayr <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#279229: CAN-2004-0972: Insecure temporary directory

--ys8nbMVQRzTucb0g
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline

Martin Michlmayr wrote:
> * Martin Schulze <email address hidden> [2004-11-01 16:37]:
> > Package: lvm10
> > Version: 1.0.8-7
> > Severity: grave
> >
> > I'm attaching the patch we're using for the woody update.
>
> FWIW, no patch was attached.

*sigh* here it is.

I should really open a grave bug against mutt for not reminding me to
add the promised attachments. *grr*

Regards,

 Joey

--
Given enough thrust pigs will fly, but it's not necessarily a good idea.

Please always Cc to me when replying to me on the lists.

--ys8nbMVQRzTucb0g
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: attachment; filename="patch.CAN-2004-0972.lvm10"

diff -u lvm10-1.0.4/1.0.4/tools/lvmcreate_initrd lvm10-1.0.4/1.0.4/tools/lvmcreate_initrd
--- lvm10-1.0.4/1.0.4/tools/lvmcreate_initrd
+++ lvm10-1.0.4/1.0.4/tools/lvmcreate_initrd
@@ -237,6 +237,10 @@
 # run out of room on the ramdisk while stripping the libraries.
 echo "$cmd -- stripping shared libraries"
 mkdir $TMPLIB
+if [ $? -ne 0 ]; then
+ echo "$cmd -- ERROR making $TMPLIB"
+ cleanup 1
+fi
 for LIB in $SHLIBS; do
    verbose "copy $LIB to $TMPLIB$LIB"
    mkdir -p `dirname $TMPLIB$LIB`
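Review bot: The new `$?` test after `mkdir $TMPLIB` only stops the script from using a pre-existing directory if `cleanup 1` actually exits, which is not visible in this hunk; if `cleanup` can return, the `for LIB in $SHLIBS` loop below still copies libraries into a path someone else controls. Please confirm that, and also that `cleanup` does not remove `$TMPLIB` on this path, since after a failed `mkdir` the directory is not one the script created. Two smaller points on the same lines: `$TMPLIB` is expanded unquoted both in the `mkdir` and in the `mkdir -p` inside the loop, and the directory is created with the default umask, so `mkdir -m 0700 "$TMPLIB"` (or `mktemp -d` where available) would be tighter. Folding the test into `if ! mkdir "$TMPLIB"; then` would also avoid relying on `$?` staying adjacent to the command.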
diff -u lvm10-1.0.4/debian/changelog lvm10-1.0.4/debian/changelog
--- lvm10-1.0.4/debian/changelog
+++ lvm10-1.0.4/debian/changelog
@@ -1,3 +1,11 @@
+lvm10 (1:1.0.4-5woody2) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team
+ * Applied Trustix patch to correct insecure temporary directory creation
+ [1.0.4/tools/lvmcreate_initrd, CAN-2004-0972]
+
+ -- Martin Schulze <email address hidden> Sun, 31 Oct 2004 20:31:55 +0100
+
 lvm10 (1:1.0.4-5woody1) stable; urgency=medium

   * Fix bug in vgimport that could prevent volume groups with out-of-sequence

--ys8nbMVQRzTucb0g--