-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 31.01.2016 18:57, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Thu, 2016-01-28 at 12:49 +0100, Daniel Stender wrote: >> I propose an update of Gummi in Jessie. >> >> It's a fix of #812577 [1]. The same patch/changes are also included in >> gummi/0.6.3-1.2+deb7u2, please see the wheezy-pu for the background [2]: > [...] >> I've build the package with Sbuild against stable [3]. Please see the >> attached debdiff for the whole set of changes. > > That appears to be the wheezy debdiff. > > Regards, > > Adam
Ah, yes! Here we go ... Best, Dan - -- 4096R/DF5182C8 46CB 1CA8 9EA3 B743 7676 1DB9 15E0 9AF4 DF51 82C8 LPI certified Linux admin (LPI000329859 64mz6f7kt4) http://www.danielstender.com/blog/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJWrk3iAAoJEBXgmvTfUYLIBfwP/jcjH3wawK5eVZ74UH8BGZsX Bd1kvpl2J8xZSIsQtrnKEF3u8hle/2WnrkuFUFUffQqv4UBTMBGkw8DSmicaiF4J 8HRPJGuI4CB66Xtdfq4NK4XNSuIefzJvLoS+v/doOoJI3Vjj/oDFt5Fs0iRxKF2x h8mRlBN8NP9u62zf30ya/njJJ15cQ44H1BHwQE9Imer5LKVOtFqrvxLfsICLo+dK Ym2EbXgDE2wcaNQQgnKKkYcJAzYeMqFDvbkNn9v3gpr3vGvvqIXc5XxAGtQMaOn4 Sg/t5dRwHxsqA1J4/pLIpUpiRbzFiWSvmhsI2okraXBjlqRJTdBfvrwyA1NBJ9Os qpUp9kmOZ7yVYkI87X0vUNccmp0E7RHkfO9VZSBABXGRQj350Peoo6DuOIMxrzsL /LdxLHZsRscWL+wsFn5dax7NabHUheSYwfp3U5NOFnA3dzbniVENENFrt5q3vGvw 3e1s2FBYmCIWxSyCx62EUlZf6YUltxSnuA5jlthlqaZwSGvBQwNZgKuH5YwearVh YUwPSyTgQdCTvLGD+vLjC/qtIuzbDWvZnsKWx3ti4yK7RuiUpP8A89v4LC06qUuP gD6Wujw6bTNx7w+iOBdRkKW38Cc2A83kF6cOz5mFB2GV5GqBzzV5GRlY3wHyrsa8 uVC7BVRH1Tkf1dcko8ht =i9PQ -----END PGP SIGNATURE-----
diff -Nru gummi-0.6.5/debian/changelog gummi-0.6.5/debian/changelog --- gummi-0.6.5/debian/changelog 2015-11-29 18:07:36.000000000 +0100 +++ gummi-0.6.5/debian/changelog 2016-01-28 12:32:13.000000000 +0100 @@ -1,3 +1,9 @@ +gummi (0.6.5-3+deb8u2) stable; urgency=medium + + * no-predictable-tmpfiles.patch: use upstream fix (Closes: #812577). + + -- Daniel Stender <deb...@danielstender.com> Thu, 28 Jan 2016 12:31:20 +0100 + gummi (0.6.5-3+deb8u1) stable; urgency=medium * Added no-predictable-tmpfiles.patch, fix of CVE 2015-7758 (Closes: #756432). diff -Nru gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch --- gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch 2015-11-29 16:30:54.000000000 +0100 +++ gummi-0.6.5/debian/patches/no-predictable-tmpfiles.patch 2016-01-28 12:30:10.000000000 +0100 @@ -1,39 +1,33 @@ -Description: don't generate predictable tmpfile names if filename is given - Quick fix for CVE-2015-7758 (#756432). -Author: Daniel Stender <deb...@danielstender.com> +Description: Use XDG cache dir for tmp files rather than TMPDIR. + Fix for CVE-2015-7758 (#756432). +Origin: https://github.com/alexandervdm/gummi/commit/4ad6486 Bug: https://bugs.debian.org/756432 -Forwarded: https://github.com/alexandervdm/gummi/issues/20 -Last-Update: 2015-11-29 +Last-Update: 2016-01-28 + +--- a/src/constants.h ++++ b/src/constants.h +@@ -59,7 +59,7 @@ + #define C_CMDSEP "&&" + #define C_TEXSEC "" + #else +- #define C_TMPDIR g_get_tmp_dir() ++ #define C_TMPDIR g_build_path(G_DIR_SEPARATOR_S, g_get_user_cache_dir(), "gummi", NULL) + #define C_CMDSEP ";" + #define C_TEXSEC "env openout_any=a" + #endif --- a/src/editor.c +++ b/src/editor.c -@@ -204,10 +204,9 @@ - gchar* base = g_path_get_basename (filename); - gchar* dir = g_path_get_dirname (filename); - ec->filename = g_strdup (filename); -- ec->basename = g_strdup_printf ("%s%c.%s", dir, G_DIR_SEPARATOR, base); -- ec->workfile = g_strdup_printf ("%s.swp", ec->basename); -- ec->pdffile = g_strdup_printf ("%s%c.%s.pdf", C_TMPDIR, -- G_DIR_SEPARATOR, base); -+ ec->basename = g_strdup (ec->fdname); -+ ec->workfile = g_strdup (ec->fdname); -+ ec->pdffile = g_strdup_printf ("%s.pdf", ec->fdname); - g_free (base); - g_free (dir); - } else { -@@ -237,12 +236,9 @@ - if (ec->filename) { - gchar* dirname = g_path_get_dirname (ec->filename); - gchar* basename = g_path_get_basename (ec->filename); -- auxfile = g_strdup_printf ("%s%c.%s.aux", C_TMPDIR, -- G_DIR_SEPARATOR, basename); -- logfile = g_strdup_printf ("%s%c.%s.log", C_TMPDIR, -- G_DIR_SEPARATOR, basename); -- syncfile = g_strdup_printf ("%s%c.%s.synctex.gz", C_TMPDIR, -- G_DIR_SEPARATOR, basename); -+ auxfile = g_strdup_printf ("%s.aux", ec->fdname); -+ logfile = g_strdup_printf ("%s.log", ec->fdname); -+ syncfile = g_strdup_printf ("%s.synctex.gz", ec->fdname); - g_free (basename); - g_free (dirname); - } else { +@@ -187,6 +187,12 @@ static void on_delete_range(GtkTextBuffer *textbuffer,GtkTextIter *start, + */ + void editor_fileinfo_update (GuEditor* ec, const gchar* filename) { + ++ // directory should exist, but if not create ~/.cache/gummi: ++ if (!g_file_test (C_TMPDIR, G_FILE_TEST_IS_DIR)) { ++ slog (L_WARNING, ".cache directory does not exist, creating..\n"); ++ g_mkdir_with_parents (C_TMPDIR, DIR_PERMS); ++ } ++ + if (ec->workfd != -1) + editor_fileinfo_cleanup (ec); +