diff options
author | sketch <sketch@pkgsrc.org> | 2005-10-06 11:26:18 +0000 |
---|---|---|
committer | sketch <sketch@pkgsrc.org> | 2005-10-06 11:26:18 +0000 |
commit | c54181a612a3a0b76c2b344ba2d9470a118bb961 (patch) | |
tree | 10462a625285ef28fb5632f2f8b004d82d9e740a /www/apachetop | |
parent | 97bc9cf4f4798bc293044ffa6cdb1d181c589c13 (diff) | |
download | pkgsrc-c54181a612a3a0b76c2b344ba2d9470a118bb961.tar.gz |
Apply patch from Steve Kemp of Debian to fix insecure temporary file usage.
Fixes CAN-2005-2660.
Diffstat (limited to 'www/apachetop')
-rw-r--r-- | www/apachetop/Makefile | 3 | ||||
-rw-r--r-- | www/apachetop/distinfo | 3 | ||||
-rw-r--r-- | www/apachetop/patches/patch-aa | 22 |
3 files changed, 26 insertions, 2 deletions
diff --git a/www/apachetop/Makefile b/www/apachetop/Makefile index 2d424c1fbb3..07d0d0f43f0 100644 --- a/www/apachetop/Makefile +++ b/www/apachetop/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.5 2005/04/11 21:47:51 tv Exp $ +# $NetBSD: Makefile,v 1.6 2005/10/06 11:26:18 sketch Exp $ # DISTNAME= apachetop-0.12.5 +PKGREVISION= 1 CATEGORIES= sysutils www MASTER_SITES= http://clueful.shagged.org/apachetop/files/ diff --git a/www/apachetop/distinfo b/www/apachetop/distinfo index 585411828ba..f4d88de1e93 100644 --- a/www/apachetop/distinfo +++ b/www/apachetop/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.3 2005/02/24 14:08:28 wiz Exp $ +$NetBSD: distinfo,v 1.4 2005/10/06 11:26:18 sketch Exp $ SHA1 (apachetop-0.12.5.tar.gz) = b41d3c68478e3cd378988834f32ce9a33975c67e RMD160 (apachetop-0.12.5.tar.gz) = a46fb8e850d6d98ce38aaa97fb2ea62553091ded Size (apachetop-0.12.5.tar.gz) = 126967 bytes +SHA1 (patch-aa) = eae05f08dc87ba367256d632e8b95d186955e4dc diff --git a/www/apachetop/patches/patch-aa b/www/apachetop/patches/patch-aa new file mode 100644 index 00000000000..798c03d03a2 --- /dev/null +++ b/www/apachetop/patches/patch-aa @@ -0,0 +1,22 @@ +$NetBSD: patch-aa,v 1.3 2005/10/06 11:26:18 sketch Exp $ + +--- src/apachetop.cc.orig 2005-10-06 12:07:41.000000000 +0100 ++++ src/apachetop.cc 2005-10-06 12:10:07.000000000 +0100 +@@ -1104,8 +1104,16 @@ + { + FILE *d; + va_list args; ++ static char tmpfile[1024] = {'\0'}; + +- if (cf.debug && (d = fopen(DEBUG_OUTPUT, "a"))) ++ if (!strlen(tmpfile)) ++ { ++ strcpy(tmpfile, "/tmp/atop.XXXXXX"); ++ mkdtemp(tmpfile); ++ strncat(tmpfile, "/debug", sizeof(tmpfile)); ++ } ++ ++ if (cf.debug && (d = fopen(tmpfile, "a"))) + { + va_start(args, fmt); + vfprintf(d, fmt, args); |