Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 209994 Details for
Bug 285861
<net-firewall/fwbuilder-3.0.7 Insecure temporary file creation (CVE-2009-4664)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
3.0.7-secure-mktemp.patch
3.0.7-secure-mktemp.patch (text/plain), 987 bytes, created by
Tiziano Müller (RETIRED)
on 2009-11-12 09:34:50 UTC
(
hide
)
Description:
3.0.7-secure-mktemp.patch
Filename:
MIME Type:
Creator:
Tiziano Müller (RETIRED)
Created:
2009-11-12 09:34:50 UTC
Size:
987 bytes
patch
obsolete
>diff -Naur fwbuilder-3.0.7.orig/src/ipt/RoutingCompiler_ipt_writers.cpp fwbuilder-3.0.7/src/ipt/RoutingCompiler_ipt_writers.cpp >--- fwbuilder-3.0.7.orig/src/ipt/RoutingCompiler_ipt_writers.cpp 2009-11-12 09:54:55.913414002 +0100 >+++ fwbuilder-3.0.7/src/ipt/RoutingCompiler_ipt_writers.cpp 2009-11-12 10:06:38.086706330 +0100 >@@ -147,9 +147,9 @@ > << "#\n#\n# ============== ROUTING RULES ============== \n#" > << endl; > >- compiler->output << "TMPDIRNAME=\"/tmp/.fwbuilder.tempdir.$$\"" << endl; >+ compiler->output << "TMPDIRNAME=\"$(umask 077 && mktemp --tmpdir=/tmp -d .fwbuilder.tempdir.XXXXXXXXXX)\"" << endl; >+ compiler->output << "[ $? != 0 ] && exit 1" << endl; > compiler->output << "TMPFILENAME=\"$TMPDIRNAME/.fwbuilder.out\"" << endl; >- compiler->output << "(umask 077 && mkdir $TMPDIRNAME) || exit 1" << endl; > compiler->output << endl; > > compiler->output << "# This function stops stdout redirection"
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=209994">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 285861
: 209994
