Bug#453283: CVE-2007-6061: possible symlink attack

2007-12-28 Thread Luk Claes 
On Tue, Dec 04, 2007 at 08:51:57PM +0100, Joost Yervante Damad wrote:
 On Wednesday 28 November 2007 11:28:21 Steffen Joeris wrote:
  Package: audacity
  Severity: grave
  Tags: security
  Justification: user security hole
 
  Hi
 
  The following CVE[0] has been issued against audacity.
 
  CVE-2007-6061:
 
  Audacity 1.3.2 creates a temporary directory with a predictable name
  without checking for previous existence of that directory, which allows
  local users to cause a denial of service (recording deadlock) by
  creating the directory before Audacity is run. NOTE: this issue can be
  leveraged to delete arbitrary files or directories via a symlink attack.
 
  Please mention the CVE id in your changelog, when you fix this bug.
  Thanks for your efforts.
 
 Does anyone have an idea how to fix this? I scanned trough the code, but did 
 not find a quick solution, besides disabling the /tmp/audacity1.2-LOGNAME 
 altogether.

Well, the easiest solution is to have a random name of the directory (mktemp -d 
for instance can create such a directory very easily).

Cheers

Luk



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#472128: audacity: diff for NMU version 1.3.4-1.2

2008-03-22 Thread Luk Claes 
Package: audacity
Version: 1.3.4-1.1
Severity: normal
Tags: patch

Hi,

Attached is the diff for my audacity 1.3.4-1.2 NMU.
diff -u audacity-1.3.4/debian/changelog audacity-1.3.4/debian/changelog
--- audacity-1.3.4/debian/changelog
+++ audacity-1.3.4/debian/changelog
@@ -1,3 +1,11 @@
+audacity (1.3.4-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS with GCC 4.3 (Closes: #455635).
+  * Reenable JACK on amd64 (Closes: #469325).
+
+ -- Luk Claes [EMAIL PROTECTED]  Sat, 22 Mar 2008 10:50:11 +
+
 audacity (1.3.4-1.1) unstable; urgency=high
 
   * Non-maintainer upload by security team.
diff -u audacity-1.3.4/debian/rules audacity-1.3.4/debian/rules
--- audacity-1.3.4/debian/rules
+++ audacity-1.3.4/debian/rules
@@ -12,7 +12,11 @@
  ifeq (powerpc, ,$(DEB_HOST_ARCH))
 T1_DEB_CONFIGURE_EXTRA_FLAGS := --with-jack=yes
  else
+  ifeq (amd64, ,$(DEB_HOST_ARCH))
+T1_DEB_CONFIGURE_EXTRA_FLAGS := --with-jack=yes
+  else
 T1_DEB_CONFIGURE_EXTRA_FLAGS := --with-jack=no
+  endif
  endif
 endif
 
only in patch2:
unchanged:
--- audacity-1.3.4.orig/lib-src/libvamp/vamp-sdk/PluginAdapter.cpp
+++ audacity-1.3.4/lib-src/libvamp/vamp-sdk/PluginAdapter.cpp
@@ -36,6 +36,9 @@
 
 #include PluginAdapter.h
 
+#include cstdlib
+#include cstring
+
 //#define DEBUG_PLUGIN_ADAPTER 1
 
 
only in patch2:
unchanged:
--- audacity-1.3.4.orig/lib-src/libvamp/vamp-sdk/PluginHostAdapter.cpp
+++ audacity-1.3.4/lib-src/libvamp/vamp-sdk/PluginHostAdapter.cpp
@@ -36,6 +36,8 @@
 
 #include PluginHostAdapter.h
 
+#include cstdlib
+
 namespace Vamp
 {
 
only in patch2:
unchanged:
--- audacity-1.3.4.orig/lib-src/libvamp/vamp-sdk/hostext/PluginLoader.cpp
+++ audacity-1.3.4/lib-src/libvamp/vamp-sdk/hostext/PluginLoader.cpp
@@ -39,6 +39,7 @@
 #include PluginInputDomainAdapter.h
 #include PluginChannelAdapter.h
 
+#include cstring
 #include fstream
 #include cctype // tolower

Bug#482770: closing 482770

2008-06-08 Thread Luk Claes 
# Automatically generated email from bts, devscripts version 2.10.29
# binNMU fixed FTBFS
close 482770 




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]