Fix an insecurity in vcdiff's temporary file handling (CVE-2008-1694).
authorRob Browning <rlb@defaultvalue.org>
Sun, 27 Apr 2008 05:27:13 +0000 (22:27 -0700)
committerRob Browning <rlb@defaultvalue.org>
Sun, 27 Apr 2008 05:27:13 +0000 (22:27 -0700)
debian/changelog
debian/patches/fix-vcdiff-tmp-file-handling-cve-2008-1694.diff [new file with mode: 0644]
debian/patches/series

index 17a32764ae6aba1e03ffbfa727bacbf15616ccbb..4ab93b734d3020206cba0ef5668ca88cf1fbafb6 100644 (file)
@@ -1,10 +1,14 @@
-emacs22 (22.2+2-2) unstable; urgency=low
+emacs22 (22.2+2-2) unstable; urgency=medium
 
   * Fix debian-expand-file-name-dfsg and describe-gnu-project (C-h C-p).
     Thanks to Valery V. Vorotyntsev <valery.vv@gmail.com>.
     (closes: #448391, #477215)
 
- -- Rob Browning <rlb@defaultvalue.org>  Sat, 26 Apr 2008 20:15:07 -0700
+  * Fix an insecurity in vcdiff's temporary file handling
+    (CVE-2008-1694). Thanks to Moritz Muehlenhoff <jmm@debian.org> and
+    Steve Grubb. (closes: #476611)
+
+ -- Rob Browning <rlb@defaultvalue.org>  Sat, 26 Apr 2008 22:02:40 -0700
 
 emacs22 (22.2+2-1) unstable; urgency=low
 
diff --git a/debian/patches/fix-vcdiff-tmp-file-handling-cve-2008-1694.diff b/debian/patches/fix-vcdiff-tmp-file-handling-cve-2008-1694.diff
new file mode 100644 (file)
index 0000000..fa23579
--- /dev/null
@@ -0,0 +1,33 @@
+* A problem with insecure temporary file handling in vcdiff has been fixed.
+  Patch: fix-vcdiff-tmp-file-handling-cve-2008-1694.diff
+  Provided-by: Moritz Muehlenhoff <jmm@debian.org>
+  Originally-reported-by: Steve Grubb
+  Date: Fri, 18 Apr 2008 00:00:45 +0200
+  Added-by: Rob Browning <rlb@defaultvalue.org>
+  Status: incorporated upstream
+
+  The vcdiff script should use temporary files more securely.  Without
+  this fix a local attacker might have been able to use a symlink
+  attack to force vcdiff to overwrite an arbitrary file.
+
+Index: sid/lib-src/vcdiff
+===================================================================
+--- sid.orig/lib-src/vcdiff
++++ sid/lib-src/vcdiff
+@@ -84,14 +84,14 @@
+       case $f in
+       s.* | */s.*)
+               if
+-                      rev1=/tmp/geta$$
++                      rev1=`mktemp /tmp/geta.XXXXXXXX`
+                       get -s -p -k $sid1 "$f" > $rev1 &&
+                       case $sid2 in
+                       '')
+                               workfile=`expr " /$f" : '.*/s.\(.*\)'`
+                               ;;
+                       *)
+-                              rev2=/tmp/getb$$
++                              rev2=`mktemp /tmp/getb.XXXXXXXX`
+                               get -s -p -k $sid2 "$f" > $rev2
+                               workfile=$rev2
+                       esac
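Review bot: Neither `mktemp` call has its result checked: the `rev1=` and `rev2=` assignments stand on their own lines, so a failure (for example a full or unwritable /tmp) leaves the variable empty and the script continues to `> $rev1` / `> $rev2` with an unquoted, empty redirection target, which shells handle differently. Chaining the assignment into the existing list, ``rev1=`mktemp /tmp/geta.XXXXXXXX` &&`` (and likewise for `rev2`), and quoting the targets as `> "$rev1"` and `> "$rev2"` would make that failure explicit. A short comment above the first call, such as `# mktemp creates the file exclusively, so a pre-planted symlink is not followed`, would record why the predictable `$$` names were dropped. The enclosing `case`/`if` starts and ends outside the hunk, so whether both temporary files are removed on every exit path cannot be confirmed from here.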
index 0deae65a2f1c9859191d39cff63248799ab8e68c..28c2081c64582bd3e5433041c3de8a3a6f2698e7 100644 (file)
@@ -7,4 +7,5 @@ fix-vc-path.diff
 require-movemail-use-liblockfile.diff
 avoid-fakemail-mail-loss.diff
 version-mention-debian.diff
+fix-vcdiff-tmp-file-handling-cve-2008-1694.diff
 autofiles.diff