[Pkg-phototools-devel] Bug#612035: Ping: Bug#612035: Bug#612035: vulnerability: rewrite arbitrary user file
Daniel Friesel
derf at finalrewind.org
Fri Feb 3 14:24:15 UTC 2012
Hi,
On Thu, Jan 19, 2012 at 12:47:06PM +0000, Jonathan Wiltshire wrote:
> On Fri, Jul 08, 2011 at 08:06:17PM +0200, Julien Cristau wrote:
> > [...]
> > ick. mkdtemp(3), please.
> Any news on this?
the attached patches (created against the unpatched 1.3.4.dfsg.1-1 / 1.8-1
packages) use mkdtemp for the fix.
I removed the --cache 0 wget argument because my system's wget does not support
it anymore, if the wget in oldstable still has it it's safe to put that back in.
--Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: feh-1.3something.mkdtemp.patch
Type: text/x-diff
Size: 2507 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-phototools-devel/attachments/20120203/96b803ce/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: feh-1.8.mkdtemp.patch
Type: text/x-diff
Size: 1712 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-phototools-devel/attachments/20120203/96b803ce/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-phototools-devel/attachments/20120203/96b803ce/attachment.pgp>
More information about the Pkg-phototools-devel
mailing list