Package: websvn
Version: 1.61-13
Severity: critical
Tags: security patch
Justification: breaks unrelated software
When using 'download tarball' in websvn a temp dir in
/usr/share/websvn/temp is created. This directory ist not deleted afterwardes.
This can lead to 100% used hd.
This can be fixed by this patch to dl.php:
65a66,67
> // Get absolute path
> $tmpname = getcwd();
88,89d89
< chdir("..");
<
I'm running apache2 with mod-php4 btw.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.32
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages websvn depends on:
ii apache [httpd] 1.3.33-6sarge3 versatile, high-performance HTTP s
ii apache2 2.0.54-5sarge1 next generation, scalable, extenda
ii apache2-mpm-prefork [http 2.0.54-5sarge1 traditional model for Apache2
ii debconf 1.4.30.13 Debian configuration management sy
ii libapache2-mod-php4 4:4.3.10-18 server-side, HTML-embedded scripti
ii php4 4:4.3.10-18 server-side, HTML-embedded scripti
ii php4-cgi 4:4.3.10-18 server-side, HTML-embedded scripti
ii po-debconf 0.8.23 manage translated Debconf template
ii subversion 1.1.4-2 advanced version control system (a
ii ucf 1.17 Update Configuration File: preserv
-- debconf information:
* websvn/webservers: apache2
* websvn/configuration: true
* websvn/parentpath: /var/local/svn
* websvn/repositories: /var/local/svn
* websvn/permissions:
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
