* Bastian Venthur <[EMAIL PROTECTED]> [2006-04-11 21:14]:
> since you've not responded to my NMU offer one month ago, I'd like to
> offer the NMU again. I see that you're (like me) not (yet) a DD, so you
> can't upload this fix yourself. If you need a sponsor, my AM offered to
> sponsor this upload for you. Please drop me a note if you'd like to take
> this offer.
I've uploaded to the following NMU (to delayed 4) now:
diff -u elmo-1.3.0/debian/changelog elmo-1.3.0/debian/changelog
--- elmo-1.3.0/debian/changelog
+++ elmo-1.3.0/debian/changelog
@@ -1,3 +1,18 @@
+elmo (1.3.0-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+
+ * Fixed makefile.am
+ (closes: #321057 "FTBFS: elmo.inc: No such file or directory")
+
+ * Fixed stats.c to use mkstemp instead of fopen (thanks gentoo)
+ (closes: #318291 "CAN-2005-2230 temporary file vulnerability")
+
+ * Fixed elmo always segfaulting at startup
+ (closes: #349191 "potential segfault")
+
+ -- Bastian Venthur <[EMAIL PROTECTED]> Wed, 15 Mar 2006 14:32:01 +0100
+
elmo (1.3.0-1) unstable; urgency=low
* New upstream release
only in patch2:
unchanged:
--- elmo-1.3.0.orig/src/Makefile.in
+++ elmo-1.3.0/src/Makefile.in
@@ -740,6 +740,8 @@
compose.c: compose.l
$(SHELL) $(YLWRAP) $< lex.cm.c $@ -- $(LEX) -Pcm -s -p
+elmo.c: elmo.inc
+
full-clean: clean
rm -f *~ debug.log xmalloc.log core* confread.c mlex.c compose.c \
exec_table.t $(PLIKI_INC)
only in patch2:
unchanged:
--- elmo-1.3.0.orig/src/Makefile.am
+++ elmo-1.3.0/src/Makefile.am
@@ -90,6 +90,8 @@
compose.c: compose.l
$(SHELL) $(YLWRAP) $< lex.cm.c $@ -- $(LEX) -Pcm -s -p
+elmo.c: elmo.inc
+
full-clean: clean
rm -f *~ debug.log xmalloc.log core* confread.c mlex.c compose.c \
exec_table.t $(PLIKI_INC)
only in patch2:
unchanged:
--- elmo-1.3.0.orig/src/ask.c
+++ elmo-1.3.0/src/ask.c
@@ -143,7 +143,6 @@
result->cd = confhold_open (name);
if (result->cd == -1){
- confhold_close (result->cd);
xfree (result);
return NULL;
}
only in patch2:
unchanged:
--- elmo-1.3.0.orig/src/stats.c
+++ elmo-1.3.0/src/stats.c
@@ -24,6 +24,7 @@
****************************************************************************/
#include <errno.h>
+#include <stdlib.h>
#include "stats.h"
#include "wrapbox.h"
@@ -181,7 +182,8 @@
void
stats_dump (void)
{
- int i;
+ int i, fd;
+ char template[] = "/tmp/elmostatsXXXXXX";
FILE *fp;
mail_t *mail;
struct estats stats;
@@ -200,9 +202,10 @@
process_mail (& stats, mail);
}
- fp = fopen ("/tmp/elmostats", "w");
+ fd = mkstemp(template);
+ fp = fdopen (fd, "w");
if (fp == NULL){
- error_ (errno, _("couldn't open %s"), "/tmp/elmostats");
+ error_ (errno, _("couldn't open %s"), template);
destroy_stats (& stats);
return;
}
--
Martin Michlmayr
http://www.cyrius.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
