[DebianGIS-dev] r1763 - in packages/gpsdrive/trunk/debian: . patches

Sun, 31 Aug 2008 15:12:08 -0700 

Author: nd-guest
Date: 2008-08-31 22:12:00 +0000 (Sun, 31 Aug 2008)
New Revision: 1763

Added:
   packages/gpsdrive/trunk/debian/patches/100-fix-insecure-tempfiles.dpatch
Modified:
   packages/gpsdrive/trunk/debian/patches/00list
   packages/gpsdrive/trunk/debian/rules
Log:
patch for insecure tempfiles in geo-code


Modified: packages/gpsdrive/trunk/debian/patches/00list
===================================================================
--- packages/gpsdrive/trunk/debian/patches/00list       2008-08-31 22:10:49 UTC 
(rev 1762)
+++ packages/gpsdrive/trunk/debian/patches/00list       2008-08-31 22:12:00 UTC 
(rev 1763)
@@ -15,3 +15,4 @@
 97-osmxml
 98-mapnik-exception
 99-autobestmap
+100-fix-insecure-tempfiles

Added: packages/gpsdrive/trunk/debian/patches/100-fix-insecure-tempfiles.dpatch
===================================================================
--- packages/gpsdrive/trunk/debian/patches/100-fix-insecure-tempfiles.dpatch    
                        (rev 0)
+++ packages/gpsdrive/trunk/debian/patches/100-fix-insecure-tempfiles.dpatch    
2008-08-31 22:12:00 UTC (rev 1763)
@@ -0,0 +1,78 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 100-fix-insecure-tempfiles.dpatch by Andreas Putzo <[EMAIL PROTECTED]>
+##
+## DP: Fix insecure tempfile creation in geo-code.
+## DP: Thanks Moritz Muehlenhoff <[EMAIL PROTECTED]>.
+
[EMAIL PROTECTED]@
+diff -urNad gpsdrive-2.10~pre4-6.dfsg~/scripts/geo-code 
gpsdrive-2.10~pre4-6.dfsg/scripts/geo-code
+--- gpsdrive-2.10~pre4-6.dfsg~/scripts/geo-code        2007-09-14 
21:47:07.000000000 +0000
++++ gpsdrive-2.10~pre4-6.dfsg/scripts/geo-code 2008-08-31 21:51:50.000000000 
+0000
+@@ -83,6 +83,7 @@
+ #
+ error() {
+       echo "`basename $PROGNAME`: $1" >&2
++    remove_cruft
+       exit 1
+ }
+ 
+@@ -130,8 +131,9 @@
+       a)      SQLMATCH=all;;
+       D)      DEBUG="$OPTARG";;
+       U)      echo "Getting latest version of this script..."
+-              curl -o$UPDATEcodeFILE "$UPDATEcodeURL"
+-              echo "Latest version is in $UPDATEcodeFILE"
++              destdir=`mktemp -d`
++              curl -o$destdir/$UPDATEcodeFILE "$UPDATEcodeURL"
++              echo "Latest version is in $destdir/$UPDATEcodeFILE"
+               exit
+               ;;
+       h|\?)   usage;;
+@@ -239,7 +241,7 @@
+ #     procedure to remove cruft files
+ #
+ remove_cruft() {
+-      for i in $STYLE $COORDS $OUTWAY $MAP
++      for i in $STYLE $COORDS $OUTWAY $MAP $TMP
+       do
+               [ -f $i ] && rm -f $i
+       done
+@@ -248,7 +250,7 @@
+ #
+ #     Main Program
+ #
+-TMP=/tmp/geo$$
++TMP=`mktemp`
+ STYLE=${TMP}.style
+ COORDS=${TMP}.coords
+ OUTWAY=${TMP}.way
+@@ -269,7 +271,6 @@
+               | head -n1 \
+               `
+       if [ "$URL" = "" ]; then
+-              cp $COORDS /tmp/geo.google
+               error "Unable to lookup telephone number or name with Google"
+       else
+               URL="http://maps.yahoo.com/$URL";
+@@ -295,7 +296,7 @@
+ fi
+ 
+ if [ $DEBUG -gt 0 ]; then
+-    filter="tee /tmp/geo.yahoo"
++    filter="tee `mktemp`"
+ else
+     filter=cat
+ fi
+@@ -306,9 +307,9 @@
+       -e 's/.*slt=\([^%]*\).*sln=\([^%]*\).*Create.*/\1 \2/p' \
+ > $COORDS
+ 
+-if [ $DEBUG -gt 0 ]; then
+-      cp $COORDS /tmp/geo.coords
+-fi
++#if [ $DEBUG -gt 0 ]; then
++#     cp -d $COORDS /tmp/geo.coords
++#fi
+ 
+ #
+ #     Convert the coords, address, and type to the desired


Property changes on: 
packages/gpsdrive/trunk/debian/patches/100-fix-insecure-tempfiles.dpatch
___________________________________________________________________
Name: svn:executable
   + *

Modified: packages/gpsdrive/trunk/debian/rules
===================================================================
--- packages/gpsdrive/trunk/debian/rules        2008-08-31 22:10:49 UTC (rev 
1762)
+++ packages/gpsdrive/trunk/debian/rules        2008-08-31 22:12:00 UTC (rev 
1763)
@@ -10,8 +10,8 @@
 DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
 DEB_VERSION := $(shell dpkg-parsechangelog |egrep  '^Version:' | cut -f 2 -d ' 
')
 DEB_NOEPOCH_VERSION := $(shell echo $(DEB_VERSION) | cut -d: -f2-)
-DEB_UPSTREAM_VERSION := $(shell echo $(DEB_NOEPOCH_VERSION) | sed 
's/-[^-]*$$//')
-UPSTREAM_VERSION := $(strip $(shell (echo $(DEB_UPSTREAM_VERSION)|sed 
's/~//')))
+DEB_UPSTREAM_VERSION := 2.10~pre4-6.dfsg
+UPSTREAM_VERSION := 2.10pre4
 DESTDIR  := ${CURDIR}/debian/tmp
 MAPNIK_PATH = $(shell mapnik-plugin-base)
 


_______________________________________________
Pkg-grass-devel mailing list
Pkg-grass-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-grass-devel

Reply via email to