Dear maintainer,

I've prepared an NMU for pimd (versioned as 2.1.1-1.1). The diff is attached to this message.

Given the urgency of the current freeze, and no reports of problems from your unstable upload, I've gone ahead and made a direct upload to testing-proposed-updates (with the release team's ack). I hope that doesn't inconvenience you too much. I understand the security team are also investigating the situation in stable, so there might be further activity for this bug yet.

Regards.

-- 
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51

only in patch2: unchanged: --- pimd-2.1.1.orig/pathnames.h +++ pimd-2.1.1/pathnames.h @@ -47,18 +47,15 @@ #if (defined(BSD) && (BSD >= 199103)) #define _PATH_PIMD_PID "/var/run/pimd.pid" #define _PATH_PIMD_GENID "/var/run/pimd.genid" -#define _PATH_PIMD_DUMP "/var/tmp/pimd.dump" -#define _PATH_PIMD_CACHE "/var/tmp/pimd.cache" #elif defined(Linux) #define _PATH_PIMD_PID "/var/run/pimd.pid" #define _PATH_PIMD_GENID "/var/run/pimd.genid" -#define _PATH_PIMD_DUMP "/var/tmp/pimd.dump" -#define _PATH_PIMD_CACHE "/var/tmp/pimd.cache" #else #define _PATH_PIMD_PID "/etc/pimd.pid" #define _PATH_PIMD_GENID "/etc/pimd.genid" -#define _PATH_PIMD_DUMP "/usr/tmp/pimd.dump" -#define _PATH_PIMD_CACHE "/usr/tmp/pimd.cache" #endif +#define _PATH_PIMD_DUMP "/var/lib/misc/pimd.dump" +#define _PATH_PIMD_CACHE "/var/lib/misc/pimd.cache" + #endif /* __PIMD_PATHNAMES_H__ */ only in patch2: unchanged: --- pimd-2.1.1.orig/debian/changelog +++ pimd-2.1.1/debian/changelog @@ -1,3 +1,13 @@ +pimd (2.1.1-1.1) testing-proposed-updates; urgency=low + + * Non-maintainer upload. + * CVE-2011-0007: fix insecure path on SIGUSR1 and SIGUSR2; backported + patch from 2.1.6. + The files /var/tmp/pimd.dump and /var/tmp/pimd.cache are now located + in /var/lib/misc, which might affect the behaviour of site-local scripts. + + -- Jonathan Wiltshire <j...@debian.org> Tue, 11 Jan 2011 09:28:56 +0000 + pimd (2.1.1-1) unstable; urgency=low * New upstream maintainer - Joachim Nilsson
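
Review bot: In the pathnames.h hunk the two new defines are placed after the #endif of the platform conditional, so _PATH_PIMD_DUMP and _PATH_PIMD_CACHE now resolve to /var/lib/misc on the BSD and fallback branches as well as on Linux, and nothing in the file says why. Add a short comment above them stating that the dump and cache files must stay out of world-writable directories (CVE-2011-0007), so a later change does not move them back under a tmp path. The hunk changes only the location and does not show how the files are opened, so the code that writes them on SIGUSR1 and SIGUSR2 is worth checking alongside it.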
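
Review bot: The new debian/changelog entry cites CVE-2011-0007 but has no Closes: reference, so the upload will not close the bug this mail refers to; add the bug number to the CVE line. The same entry is marked urgency=low although it is a security fix, which is worth confirming is intended. The note about site-local scripts names only the /var/tmp paths, which matches the Linux and BSD branches removed in pathnames.h; the /usr/tmp paths from the fallback branch are not mentioned.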