From 4affd83ea1e73ff531161ffe71e350a85f7dd426 Mon Sep 17 00:00:00 2001 From: brad Date: Sun, 24 Oct 2004 20:26:55 +0000 Subject: [PATCH] Fix insecure tempfile creation in etc2ps. http://marc.theaimsgroup.com/?l=bugtraq&m=109655739113230&w=2 --- net/netatalk/stable/Makefile | 3 ++- .../stable/patches/patch-etc_psf_etc2ps_sh | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 net/netatalk/stable/patches/patch-etc_psf_etc2ps_sh diff --git a/net/netatalk/stable/Makefile b/net/netatalk/stable/Makefile index 1f0465c2ca9..5ba6ffaa586 100644 --- a/net/netatalk/stable/Makefile +++ b/net/netatalk/stable/Makefile @@ -1,8 +1,9 @@ -# $OpenBSD: Makefile,v 1.5 2003/08/22 11:18:19 naddy Exp $ +# $OpenBSD: Makefile,v 1.6 2004/10/24 20:26:55 brad Exp $ COMMENT= "AFP file and print services for AppleTalk/IP networks" DISTNAME= netatalk-1.6.3 +PKGNAME= ${DISTNAME}p1 CATEGORIES= net HOMEPAGE= http://netatalk.sourceforge.net/ diff --git a/net/netatalk/stable/patches/patch-etc_psf_etc2ps_sh b/net/netatalk/stable/patches/patch-etc_psf_etc2ps_sh new file mode 100644 index 00000000000..aca01c371e4 --- /dev/null +++ b/net/netatalk/stable/patches/patch-etc_psf_etc2ps_sh @@ -0,0 +1,17 @@ +$OpenBSD: patch-etc_psf_etc2ps_sh,v 1.1 2004/10/24 20:26:55 brad Exp $ +--- etc/psf/etc2ps.sh.orig Sun Oct 24 16:20:53 2004 ++++ etc/psf/etc2ps.sh Sun Oct 24 16:23:22 2004 +@@ -26,9 +26,10 @@ case $1 in + # + df*) + if [ -x "$DVIPS" ]; then +- cat > /tmp/psfilter.$$ +- $DVIPS $DVIPSARGS < /tmp/psfilter.$$ +- rm -f /tmp/psfilter.$$ ++ TEMPFILE=`mktemp -t psfilter.XXXXXXXXXX` || exit 1 ++ cat > $TEMPFILE ++ $DVIPS $DVIPSARGS < $TEMPFILE ++ rm -f $TEMPFILE + else + echo "$0: filter dvips uninstalled" 1>&2 + exit 2