Bug#290047: patch

[Joey Hess]

Here's a patch for the security holes.

-- 
see shy jo

diff -ur old/linux-wlan-ng-0.2.0+0.2.1pre21/debian/changelog 
linux-wlan-ng-0.2.0+0.2.1pre21/debian/changelog
--- old/linux-wlan-ng-0.2.0+0.2.1pre21/debian/changelog 2005-01-18 
15:22:29.000000000 -0500
+++ linux-wlan-ng-0.2.0+0.2.1pre21/debian/changelog     2005-01-18 
15:22:20.000000000 -0500
@@ -1,3 +1,12 @@
+linux-wlan-ng (0.2.0+0.2.1pre21-1.1) UNRELEASED; urgency=low
+
+  * NMU
+  * Remove unsafe echo to /tmp/log that I added for debugging ages ago.
+  * Fix unsafe uses of temp files in /etc/wlan/shared (not used by default
+    in Debian) -- use /var/run instead. Closes: #290047
+
+ -- Joey Hess <[EMAIL PROTECTED]>  Tue, 18 Jan 2005 15:18:15 -0500
+
 linux-wlan-ng (0.2.0+0.2.1pre21-1) unstable; urgency=low
 
   * New upstream prerelease (Closes: #269678)
diff -ur old/linux-wlan-ng-0.2.0+0.2.1pre21/debian/linux-wlan-ng-resume 
linux-wlan-ng-0.2.0+0.2.1pre21/debian/linux-wlan-ng-resume
--- old/linux-wlan-ng-0.2.0+0.2.1pre21/debian/linux-wlan-ng-resume      
2005-01-18 15:22:29.000000000 -0500
+++ linux-wlan-ng-0.2.0+0.2.1pre21/debian/linux-wlan-ng-resume  2005-01-18 
15:18:11.000000000 -0500
@@ -3,7 +3,6 @@
 # iterfaces. Otherwise they could get into a weird state.
 IFACES=$(ifconfig | grep -B 1 ^wlan | cut -d ' ' -f 1)
 for iface in $IFACES; do
-       echo down $ifcase >>/tmp/log
        ifdown $iface || ifconfig $iface down
 done
 
diff -ur old/linux-wlan-ng-0.2.0+0.2.1pre21/etc/wlan/shared 
linux-wlan-ng-0.2.0+0.2.1pre21/etc/wlan/shared
--- old/linux-wlan-ng-0.2.0+0.2.1pre21/etc/wlan/shared  2004-03-12 
11:26:02.000000000 -0500
+++ linux-wlan-ng-0.2.0+0.2.1pre21/etc/wlan/shared      2005-01-18 
15:21:48.000000000 -0500
@@ -572,9 +572,9 @@
        # Collect the current scheme name and save the file
        if [ -r $WLAN_SCHEMEFILE ] ; then
                WLAN_SCHEME=`cat $WLAN_SCHEMEFILE`
-               cp $WLAN_SCHEMEFILE /tmp/wlan_scheme_`date +"%T"`.tmp
+               cp $WLAN_SCHEMEFILE /var/run/wlan_scheme_`date +"%T"`.tmp
        else
-               touch /tmp/wlan_scheme_`date +"%T"`.tmp
+               touch /var/run/wlan_scheme_`date +"%T"`.tmp
                
        fi
 
@@ -602,7 +602,7 @@
                WLAN_SCHEMEFILE="/var/run/pcmcia-scheme"
        fi
 
-       TMPFILE=`ls /tmp/wlan_scheme*.tmp | tail -n 1`
+       TMPFILE=`ls /var/run/wlan_scheme*.tmp | tail -n 1`
 
        if [ -r $TMPFILE ] ; then
                cat $TMPFILE > $WLAN_SCHEMEFILE

signature.asc
Description: Digital signature