Bug#598418: magics++: NMU diff for 2.10.0.dfsg-5.1

[jari . aalto]

Dear maintainer,

Here is the NMU diff according to DevRef 5.11.1[1][2] for bug: #598418.
See the debian/patches directory for the important fixes.

Let me know if it's ok to proceed with the NMU.

Thank you for maintaining the package,
Jari Aalto

[1] http://www.debian.org/doc/developers-reference/pkgs.html#nmu
[2] http://dep.debian.net/deps/dep1.html

lsdiff(1) of changes:

    magics++-2.10.0.dfsg/debian/changelog
    magics++-2.10.0.dfsg/debian/patches/cve-2010-3393.patch


diffstat for magics++-2.10.0.dfsg magics++-2.10.0.dfsg

 changelog                   |    9 ++++++++
 patches/cve-2010-3393.patch |   46 ++++++++++++++++++++++++--------------------
 2 files changed, 35 insertions(+), 20 deletions(-)

diff -Nru magics++-2.10.0.dfsg/debian/changelog magics++-2.10.0.dfsg/debian/changelog
--- magics++-2.10.0.dfsg/debian/changelog	2010-09-26 14:44:25.000000000 +0300
+++ magics++-2.10.0.dfsg/debian/changelog	2010-10-16 19:56:10.000000000 +0300
@@ -1,3 +1,12 @@
+magics++ (2.10.0.dfsg-5.1) unstable; urgency=low
+
+  * debian/patches
+    - (cve-2010-3393): Refresh patch. Restore deleted line
+      'python="@MAGICS_PYTHON@"' and adjust treatment of LD_LIBRARY_PATH.
+      See reopened bug for details. (Closes: #598418).
+
+ -- Jari Aalto <jari.aa...@cante.net>  Sat, 16 Oct 2010 19:56:10 +0300
+
 magics++ (2.10.0.dfsg-5) unstable; urgency=low
 
   * CVE-2010-3393: Fix LD_LIBRARY_PATH edit. Closes: #598418. 
diff -Nru magics++-2.10.0.dfsg/debian/patches/cve-2010-3393.patch magics++-2.10.0.dfsg/debian/patches/cve-2010-3393.patch
--- magics++-2.10.0.dfsg/debian/patches/cve-2010-3393.patch	2010-09-26 14:42:47.000000000 +0300
+++ magics++-2.10.0.dfsg/debian/patches/cve-2010-3393.patch	2010-10-16 19:52:41.000000000 +0300
@@ -1,30 +1,33 @@
-Index: magics++-2.10.0.dfsg/magics-config.in
-===================================================================
---- magics++-2.10.0.dfsg.orig/magics-config.in	2010-09-26 12:42:02.000000000 +0100
-+++ magics++-2.10.0.dfsg/magics-config.in	2010-09-26 12:42:42.000000000 +0100
-@@ -9,7 +9,6 @@
- AXX="@AXX@"
- FFLAGS="@FFLAGS@"
- CPPLIBS="@CPPLIBS@"
--python="@MAGICS_PYTHON@"
- py_dir="@PYTHON_SITE_PACKAGES_DIR@"
- suffix=""
- 
-@@ -73,6 +72,13 @@
+From 47e66c6b30c4fab0dc31f63dc5c33a86152bca55 Mon Sep 17 00:00:00 2001
+From: Jari Aalto <jari.aa...@cante.net>
+Date: Sat, 16 Oct 2010 19:52:12 +0300
+Subject: [PATCH] Fix insecure library loading
+Organization: Private
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Jari Aalto <jari.aa...@cante.net>
+---
+ magics-config.in |    4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+ mode change 100644 => 100755 magics-config.in
+
+diff --git a/magics-config.in b/magics-config.in
+old mode 100644
+new mode 100755
+index dd07ffd..4f79860
+--- a/magics-config.in
++++ b/magics-config.in
+@@ -73,6 +73,8 @@ if test -h ${prefix}; then
  	fi
  fi
  
-+if test -h ${LD_LIBRARY_PATH}; then
-+     ldlib=${prefix}/lib
-+else
-+     ldlib=${prefix}/lib:${LD_LIBRARY_PATH}
-+fi
-+
++ldlib="${prefix}/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
 +
  if test $# -eq 0; then
  	usage 1 1>&2
  fi
-@@ -102,7 +108,7 @@
+@@ -102,7 +104,7 @@ while test $# -gt 0; do
  		echo ""
  		echo "   export MAGPLUS_HOME=${prefix}"
  		echo "   export PATH=${prefix}/bin:\$PATH"
@@ -33,3 +36,6 @@
  		echo "   export PYTHONPATH=\"${py_dir}:\${PYTHONPATH:-/usr/lib}\""
  		echo ""
  		echo " You might want add these lines to your login scripts (.profile, .kshrc or .bashrc)."
+-- 
+1.7.1
+