Bug#506270: updated patch

Nico Golde Sat, 29 Nov 2008 03:01:45 -0800

Hi,
updated patch attached. In order to make it build in my 
chroot I had to remove the configure check for a default 
serial line, seriously this is broken.


Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

diff -u p3nfs-5.19/debian/changelog p3nfs-5.19/debian/changelog
--- p3nfs-5.19/debian/changelog
+++ p3nfs-5.19/debian/changelog
@@ -1,3 +1,13 @@
+p3nfs (5.19-1.2) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix insecure temporary file usage in bluetooth.rc by using mktemp
+    (CVE-2008-5154; Closes: #506270).
+  * Comment broken check for serial line in configure script as this fails in
+    pbuilder and it has a default defined in server/defs.h.
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Sat, 29 Nov 2008 11:32:31 +0100
+
 p3nfs (5.19-1.1) unstable; urgency=high
 
   * Non-maintainer upload.
only in patch2:
unchanged:
--- p3nfs-5.19.orig/configure
+++ p3nfs-5.19/configure
@@ -3368,18 +3368,18 @@
 
 echo "$as_me:$LINENO: checking for default serial line" >&5
 echo $ECHO_N "checking for default serial line... $ECHO_C" >&6
-for i in /dev/tty0p0 /dev/tty00 /dev/ttyS0 /dev/ttys0 /dev/term/a /dev/ttyfa /dev/ttya /dev/tty0 /dev/ttyf1 /dev/cuaa1 ; do
-  if test -c $i ; then
-    DDEV=$i
-    echo "$as_me:$LINENO: result: $i" >&5
-echo "${ECHO_T}$i" >&6
-    break
-  fi
-done
-test -z "$DDEV" && { { echo "$as_me:$LINENO: error: serial device not found... Try harder." >&5
-echo "$as_me: error: serial device not found... Try harder." >&2;}
-   { (exit 1); exit 1; }; }
-
+ #for i in /dev/tty0p0 /dev/tty00 /dev/ttyS0 /dev/ttys0 /dev/term/a /dev/ttyfa /dev/ttya /dev/tty0 /dev/ttyf1 /dev/cuaa1 ; do
+ #  if test -c $i ; then
+ #    DDEV=$i
+ #    echo "$as_me:$LINENO: result: $i" >&5
+ #echo "${ECHO_T}$i" >&6
+ #    break
+ #  fi
+ #done
+ #test -z "$DDEV" && { { echo "$as_me:$LINENO: error: serial device not found... Try harder." >&5
+ #echo "$as_me: error: serial device not found... Try harder." >&2;}
+ #   { (exit 1); exit 1; }; }
+ #
 
 
 echo "$as_me:$LINENO: checking EPOCR5 SDK" >&5
only in patch2:
unchanged:
--- p3nfs-5.19.orig/etc/bluetooth.rc
+++ p3nfs-5.19/etc/bluetooth.rc
@@ -14,7 +14,8 @@
 
 prog="bluetooth"
 ROOT=/local/bluez-2.0
-exec >> /tmp/blue.log 2>&1
+TMPFILE=$(mktemp -t blueXXXXXXXXX || exit 1)
+exec >> $TMPFILE 2>&1
 
 echo "--------------------"
 echo "$*"

pgp8b7ydTHUuk.pgp
Description: PGP signature

Bug#506270: updated patch

Reply via email to