Bug#292792: second nmu

Thu, 21 Apr 2005 09:57:50 -0700 

I had to make a second NMU because it turned out the patch from the DSA
did not fix all the securtity problems. The attached patch needs the
patch from my first NMU to be applied first.

-- 
see shy jo

diff -ur old/f2c-20020621/debian/changelog f2c-20020621/debian/changelog
--- old/f2c-20020621/debian/changelog   2005-04-21 12:37:58.000000000 -0400
+++ f2c-20020621/debian/changelog       2005-04-21 12:37:10.000000000 -0400
@@ -1,3 +1,13 @@
+f2c (20020621-3.2) unstable; urgency=HIGH
+
+  * NMU again for same security issues.
+  * Corrected the patch to create proper temporary files by not shadowing
+    global scope variables with local scope ones.  Thanks to Dan McMahill
+    from NetBSD [src/sysdep.c, patches/patch.CAN-2005-0017.f2c,
+    CAN-2005-0017]
+
+ -- Joey Hess <[EMAIL PROTECTED]>  Thu, 21 Apr 2005 12:32:07 -0400
+
 f2c (20020621-3.1) unstable; urgency=HIGH
 
   * NMU for security issues. Closes: #292792
diff -ur old/f2c-20020621/src/sysdep.c f2c-20020621/src/sysdep.c
--- old/f2c-20020621/src/sysdep.c       2005-04-21 12:37:58.000000000 -0400
+++ f2c-20020621/src/sysdep.c   2005-04-21 12:36:03.000000000 -0400
@@ -97,7 +97,9 @@
        if (!debugflag) {
                unlink(c_functions);
                unlink(initfname);
+               unlink(initbname);
                unlink(p1_file);
+               unlink(p1_bakfile);
                unlink(sortfname);
                unlink(blkdfname);
                if (cdelete && coutput)
@@ -121,13 +123,13 @@
        p1_bakfile = p1_file + k;
        sortfname = p1_bakfile + k;
 #else
-       char c_functions[] = TMPDIR "/f2c_func_XXXXXX";
-       char initfname[]   = TMPDIR "/f2c_rc_XXXXXX";
-       char initbname[]   = TMPDIR "/f2c_rc.b_XXXXXX";
-       char blkdfname[]   = TMPDIR "/f2c_blkd_XXXXXX";
-       char p1_file[]     = TMPDIR "/f2c_p1f_XXXXXX";
-       char p1_bakfile[]  = TMPDIR "/f2c_p1fb_XXXXXX";
-       char sortfname[]   = TMPDIR "/f2c_sort_XXXXXX";
+       sprintf(c_functions, "%s/f2c_func_XXXXXX", tmpdir);
+       sprintf(initfname,   "%s/f2c_rc_XXXXXX", tmpdir);
+       sprintf(initbname,   "%s/f2c_rc.b_XXXXXX", tmpdir);
+       sprintf(blkdfname,   "%s/f2c_blkd_XXXXXX", tmpdir);
+       sprintf(p1_file,     "%s/f2c_p1f_XXXXXX", tmpdir);
+       sprintf(p1_bakfile,  "%s/f2c_p1fb_XXXXXX", tmpdir);
+       sprintf(sortfname,   "%s/f2c_sort_XXXXXX", tmpdir);
 #endif
        {
 #ifdef MSDOS

Attachment: signature.asc
Description: Digital signature

Reply via email to