Not sure wether this affects our version: There is a race condition on creating temporary files in texindex.
Pulling in maintainer.
I checked, our 4.8 is affected.
base-system please advise...
seems to be fixed in texinfo-4.8 which has been in stable for all arches for quite a while http://savannah.gnu.org/cgi-bin/viewcvs/texinfo/texinfo/util/texindex.c.diff?r1=1.3&r2=1.4 texinfo-4.8 uses texindex.c rev 1.11 which is much higher than the fixed rev 1.4 :)
vapier: affected code (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328365) is still in 4.8. I think it's a different set of tempfile fixes. Debian's 4.7 version is affected and 4.7 is based on rev 1.11, like 4.8.
Created attachment 69199 [details, diff] texinfo-texindex-tempfile.patch indeed ... so what about this patch ?
Looks sane to me, but I may miss something (esp. in my current state), better ask TheTavis to have a look.
Does the patch work? I havnt looked at texinfo code but if i'm reading it correctly, it passes mkstemp a char* that ends with .123, iirc mkstemp expects it to end with XXX... Does that new fd get released anywhere? otherwise this patch adds an fd leak.
indeed, that mkstemp should be changed to open() like in bsd
Created attachment 69463 [details, diff] texinfo-texindex-tempfile.patch this should do it then
Yep, patch looks good to me.
texinfo-4.8-r1 now in portage then
Let the race begin, test and mark stable...
Looks fine on alpha, marked stable. Cheers, Ferdy
Stable on hppa, ppc.
x86 happy
mips stable
sparc stable.
stable on ppc64
amd64 stable
stable on sh.
Stable on ia64.
GLSA 200510-04 arm and s390 should mark stable to benefit from GLSA
Gentlemen, please see: http://bugs.gentoo.org/show_bug.cgi?id=108416
Apparently our patch sucks, SpanKY please see bug 108416 for details.