Package: auctex Version: 13.2-1 Severity: serious Justification: Policy 10.4, 9.1.1 X-Debbugs-Cc: stanislav.maslov...@gmail.com
Dear Maintainer, Auctex script 'update-auctex-elisp.eperl' creates a tmpfile in the root of the filesystem in a potentially dangerous way with $(mktemp ./XXXXXXXX-el). This temporary file also stays on the filesystem and is not removed. I noticed this after switching to testing: sometimes after "apt upgrade" a UID=0 owned file with a random name was created in the "/" directory, with the content "(defun font-lock-fontify-syntactic-keywords-region (start end))". People in "#debin-next" helped me to find the source of this problem. They also recommended to mark this bug as "serious". Thanks, @cb and @petn-randall! -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (700, 'testing'), (500, 'oldstable-security'), (500, 'stable'), (500, 'oldstable'), (100, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.12.27-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages auctex depends on: ii debconf [debconf-2.0] 1.5.91 ii emacs-gtk [emacs] 1:30.1+1-5 ii emacsen-common 3.0.7 ii preview-latex-style 13.2-1 ii procps 2:4.0.4-8 Versions of packages auctex recommends: ii ghostscript 10.05.0~dfsg-1 ii texlive-latex-recommended 2024.20250309-1 ii xpdf 3.04+git20250304-1+b1 Versions of packages auctex suggests: pn catdvi <none> pn dvipng <none> pn lacheck <none> -- debconf information: auctex/doauto: Background
