Package: websvn Version: 1.61-13 Severity: critical Tags: security patch Justification: breaks unrelated software
When using 'download tarball' in websvn a temp dir in /usr/share/websvn/temp is created. This directory ist not deleted afterwardes. This can lead to 100% used hd. This can be fixed by this patch to dl.php: 65a66,67 > // Get absolute path > $tmpname = getcwd(); 88,89d89 < chdir(".."); < I'm running apache2 with mod-php4 btw. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.4.32 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages websvn depends on: ii apache [httpd] 1.3.33-6sarge3 versatile, high-performance HTTP s ii apache2 2.0.54-5sarge1 next generation, scalable, extenda ii apache2-mpm-prefork [http 2.0.54-5sarge1 traditional model for Apache2 ii debconf 1.4.30.13 Debian configuration management sy ii libapache2-mod-php4 4:4.3.10-18 server-side, HTML-embedded scripti ii php4 4:4.3.10-18 server-side, HTML-embedded scripti ii php4-cgi 4:4.3.10-18 server-side, HTML-embedded scripti ii po-debconf 0.8.23 manage translated Debconf template ii subversion 1.1.4-2 advanced version control system (a ii ucf 1.17 Update Configuration File: preserv -- debconf information: * websvn/webservers: apache2 * websvn/configuration: true * websvn/parentpath: /var/local/svn * websvn/repositories: /var/local/svn * websvn/permissions: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]