Hello, Since this bug is trivial to fix, and has been open for two months, I am going to fix it by NMU. If you are unhappy with anything about the NMU, please override it.
Thanks, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
diff -u migrationtools-46/debian/changelog migrationtools-46/debian/changelog --- migrationtools-46/debian/changelog +++ migrationtools-46/debian/changelog @@ -1,3 +1,10 @@ +migrationtools (46-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix insecure tempfile creation (closes: #338920) + + -- Stephen Gran <[EMAIL PROTECTED]> Sun, 29 Jan 2006 15:15:25 +0000 + migrationtools (46-2) unstable; urgency=low * Patch to use krb5Principal and krb5PrincipalName from krb5-kdc only in patch2: unchanged: --- migrationtools-46.orig/ads/migrate_all_nis_online_ads.sh +++ migrationtools-46/ads/migrate_all_nis_online_ads.sh @@ -41,16 +41,20 @@ export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -#ETC_SERVICES="$TMPDIR/services.$$.ldap" -#ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -#ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -#ETC_RPC="$TMPDIR/rpc.$$.ldap" -#ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -#ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -#ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +#ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +#ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +#ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +#ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +#ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +#ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +#ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NIS domain to import from (optional): " only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_netinfo_offline.sh +++ migrationtools-46/migrate_all_netinfo_offline.sh @@ -39,16 +39,20 @@ PATH=$PATH:. export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NetInfo domain to import from [/]:" only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_netinfo_online.sh +++ migrationtools-46/migrate_all_netinfo_online.sh @@ -39,16 +39,20 @@ PATH=$PATH:. export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NetInfo domain to import from [/]:" only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_nis_offline.sh +++ migrationtools-46/migrate_all_nis_offline.sh @@ -39,16 +39,20 @@ PATH=$PATH:. export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NIS domain to import from (optional): " only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_nis_online.sh +++ migrationtools-46/migrate_all_nis_online.sh @@ -40,16 +40,20 @@ export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NIS domain to import from (optional): " only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_nisplus_offline.sh +++ migrationtools-46/migrate_all_nisplus_offline.sh @@ -39,17 +39,21 @@ PATH=$PATH:/usr/lib/nis:. export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_NETGROUP="$TMPDIR/netgroup.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_NETGROUP="$TEMP_DIR/netgroup.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NIS+ domain to import from (optional): " only in patch2: unchanged: --- migrationtools-46.orig/migrate_all_nisplus_online.sh +++ migrationtools-46/migrate_all_nisplus_online.sh @@ -40,17 +40,21 @@ export PATH -TMPDIR="/tmp" -ETC_PASSWD="$TMPDIR/passwd.$$.ldap" -ETC_GROUP="$TMPDIR/group.$$.ldap" -ETC_SERVICES="$TMPDIR/services.$$.ldap" -ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap" -ETC_FSTAB="$TMPDIR/fstab.$$.ldap" -ETC_RPC="$TMPDIR/rpc.$$.ldap" -ETC_HOSTS="$TMPDIR/hosts.$$.ldap" -ETC_NETWORKS="$TMPDIR/networks.$$.ldap" -ETC_NETGROUP="$TMPDIR/netgroup.$$.ldap" -ETC_ALIASES="$TMPDIR/aliases.$$.ldap" +TEMP_DIR="$(mktemp -dt)" +if [ -z "$TEMP_DIR" ]; then + echo "Can't create temporary directory" >&2 + exit 1 +fi +ETC_PASSWD="$TEMP_DIR/passwd.$$.ldap" +ETC_GROUP="$TEMP_DIR/group.$$.ldap" +ETC_SERVICES="$TEMP_DIR/services.$$.ldap" +ETC_PROTOCOLS="$TEMP_DIR/protocols.$$.ldap" +ETC_FSTAB="$TEMP_DIR/fstab.$$.ldap" +ETC_RPC="$TEMP_DIR/rpc.$$.ldap" +ETC_HOSTS="$TEMP_DIR/hosts.$$.ldap" +ETC_NETWORKS="$TEMP_DIR/networks.$$.ldap" +ETC_NETGROUP="$TEMP_DIR/netgroup.$$.ldap" +ETC_ALIASES="$TEMP_DIR/aliases.$$.ldap" EXIT=no question="Enter the NIS+ domain to import from (optional): "
