[Bug 1394590] Re: LFI Security vulnerability

2015-01-19 Thread Launchpad Bug Tracker
[Expired for psensor (Ubuntu) because there has been no activity for 60 days.]
** Changed in: psensor (Ubuntu) Status: Incomplete => Expired
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1394590] Re: LFI Security vulnerability

2014-11-20 Thread Seth Arnold
When coordinating with upstream, please investigate if the proposed fix is safe from race conditions. Thanks
** Information type changed from Private Security to Public Security

[Bug 1394590] Re: LFI Security vulnerability

2014-11-20 Thread Jean-Philippe Orsini
@Seth, I am the author of psensor. I did the debdiff but unfortunately there is a specific Ubuntu regression. The Ubuntu packaging is linking /usr/share/psensor/www/jquery.js to /usr/share/javascript/jquery/jquery.js which is rejected by the fix (based on calling the realpath C function) because it is

[Bug 1394590] Re: LFI Security vulnerability

2014-11-20 Thread Seth Arnold
Jean-Philippe, ah, that is a bit of an annoyance. I don't know what to recommend. The race condition I was worried about is that the check for the realpath() appears to be done at some point before the file is opened; a symlink could be made between those two and the end result could be the same. Of
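
Added example, not part of the thread and not psensor's code: one way to close the gap described above between the realpath() check and the open is to walk the requested path one component at a time, opening each relative to the previous descriptor with O_NOFOLLOW and checking the file type on the opened descriptor. The names open_beneath() and demo() are hypothetical, and the directory tree is constructed in a temporary directory.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Added example, not psensor code; open_beneath() is a hypothetical helper.
 * Each component is opened relative to the previous fd with O_NOFOLLOW, so a
 * symlink swapped in at any moment fails the open. Returns an fd or -1. */
int open_beneath(const char *root, const char *rel)
{
    char buf[4096], *save = NULL, *name, *next;
    struct stat st;
    int fd, dirfd;
    if (snprintf(buf, sizeof buf, "%s", rel) >= (int)sizeof buf) return -1;
    if ((dirfd = open(root, O_RDONLY | O_DIRECTORY)) < 0) return -1;
    for (name = strtok_r(buf, "/", &save); name != NULL; name = next) {
        next = strtok_r(NULL, "/", &save);
        if (strcmp(name, "..") == 0) break;       /* never climb out */
        fd = openat(dirfd, name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK |
                    (next ? O_DIRECTORY : 0));
        close(dirfd);
        if ((dirfd = fd) < 0) return -1;          /* symlink or missing */
        if (!next && fstat(fd, &st) == 0 && S_ISREG(st.st_mode)) return fd;
    }
    close(dirfd);
    return -1;
}

/* Constructed tree: <tmp>/www/a/ok.txt, <tmp>/secret, www/link -> ../secret.
 * Bit 0: real file opens; bit 1: symlink refused; bit 2: ".." refused. */
int demo(void)
{
    char tmp[] = "/tmp/beneathXXXXXX", www[64], p[128];
    int fd, r = 0;
    if (mkdtemp(tmp) == NULL) return -1;
    snprintf(www, sizeof www, "%s/www", tmp);  mkdir(www, 0700);
    snprintf(p, sizeof p, "%s/a", www);        mkdir(p, 0700);
    snprintf(p, sizeof p, "%s/a/ok.txt", www); close(creat(p, 0600));
    snprintf(p, sizeof p, "%s/secret", tmp);   close(creat(p, 0600));
    snprintf(p, sizeof p, "%s/link", www);     if (symlink("../secret", p)) return -1;
    if ((fd = open_beneath(www, "a/ok.txt")) >= 0) { r |= 1; close(fd); }
    if (open_beneath(www, "link") < 0) r |= 2;
    if (open_beneath(www, "../secret") < 0) r |= 4;
    return r;
}
int main(void) { printf("demo() = %d\n", demo()); return 0; }
```

Because O_NOFOLLOW refuses every symlink, this approach also rejects the packaged jquery.js link mentioned in the thread, so it does not by itself resolve that regression.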