Report forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
New Bug report received and forwarded. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
Subject: The possibility of attack with the help of symlinks in some Debian packages
Date: Sun, 24 Aug 2008 22:05:30 +0400
Package: xastir
Severity: grave
Hi, maintainer!
This message about the error concerns a few packages at once. I've
tested all the packages (for Lenny) on my Debian mirror. All scripts
of packages (marked as executable) were tested.
In some packages I've discovered scripts with errors which may be used
by a user for damaging important system files or user's files.
For example if a script uses in its work a temp file which is created
in /tmp directory, then every user can create symlink with the same
name in this directory in order to destroy or rewrite some system
or user file. Symlink attack may also lead not only to the data
desctruction but to denial of service as well.
Even if you create files or directories with help of function 'RANDOM'
or pid(), then your system is not protected. Attacker can create many
symlinks in order to destroy your data or create 'denial of service'
for your package scripts.
Even if you make rm(dir) for files/directories, then your system is
not protected. Attacker can permanently create symlinks.
This list is created with the help of script. This list is sorted by
hand. Howewer in some cases mistake is possible.
Please, Be understanding to possible mistakes. :)
I set Severity into grave for this bug. The table of discovered
problems is below.
Discussion of this bug you can see in debian-devel@:
http://lists.debian.org/debian-devel/2008/08/msg00271.html
Binary-package: r-base-core-ra (1.1.1-1)
file: /usr/lib/Ra/lib/R/bin/javareconf
Binary-package: rccp (0.9-2)
file: /usr/lib/rccp/delqueueask
Binary-package: mafft (6.240-1)
file: /usr/bin/mafft-homologs
Binary-package: openoffice.org-common (1:2.4.1-6)
file: /usr/lib/openoffice/program/senddoc
Binary-package: crossfire-maps (1.11.0-1)
file: /usr/share/games/crossfire/maps/Info/combine.pl
Binary-package: sgml2x (1.0.0-11.1)
file: /usr/bin/rlatex
Binary-package: liguidsoap (0.3.6-4)
file: /var/lib/liguidsoap/liguidsoap.py
Binary-package: citadel-server (7.37-1)
file: /usr/lib/citadel-server/migrate_aliases.sh
Binary-package: ampache (3.4.1-1)
file: /usr/share/ampache/www/locale/base/gather-messages.sh
Binary-package: xen-utils-3.2-1 (3.2.1-2)
file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug
Binary-package: dtc-common (0.29.6-1)
file: /usr/share/dtc/admin/accesslog.php
file: /usr/share/dtc/admin/sa-wrapper
Binary-package: honeyd-common (1.5c-3)
file: /usr/share/honeyd/scripts/test.sh
Binary-package: lustre-tests (1.6.5-1)
file: /usr/lib/lustre/tests/runiozone
Binary-package: linuxtrade (3.65-8+b4)
file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol
file: /usr/share/linuxtrade/bin/linuxtrade.wn
file: /usr/share/linuxtrade/bin/moneyam.helper
Binary-package: freevo (1.8.1-0)
file: /usr/bin/freevo.real
Binary-package: fml (4.0.3.dfsg-2)
file: /usr/share/fml/libexec/mead.pl
Binary-package: rkhunter (1.3.2-3)
file: /usr/bin/rkhunter
Binary-package: openswan (1:2.4.12+dfsg-1.1)
file: /usr/lib/ipsec/livetest
Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1)
file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap
file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest
Binary-package: aptoncd (0.1-1.1)
file: /usr/share/aptoncd/xmlfile.py
Binary-package: cdcontrol (1.90-1.1)
file: /usr/lib/cdcontrol/writtercontrol
Binary-package: newsgate (1.6-23)
file: /usr/bin/mkmailpost
Binary-package: gpsdrive-scripts (2.10~pre4-3)
file: /usr/bin/geo-code
Binary-package: impose+ (0.2-11)
file: /usr/bin/impose
Binary-package: mgt (2.31-5)
file: /usr/games/mailgo
Binary-package: audiolink (0.05-1)
file: /usr/bin/audiolink
Binary-package: ibackup (2.27-4.1)
file: /usr/bin/ibackup
Binary-package: emacspeak (26.0-3)
file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl
Binary-package: bk2site (1:1.1.9-3.1)
file: /usr/lib/cgi-bin/bk2site/redirect.pl
Binary-package: datafreedom-perl (0.1.7-1)
file: /usr/bin/dfxml-invoice
Binary-package: emacs-jabber (0.7.91-1)
file: /usr/lib/emacsen-common/packages/install/emacs-jabber
Binary-package: lmbench (3.0-a7-1)
file: /usr/lib/lmbench/scripts/rccs
file: /usr/lib/lmbench/scripts/STUFF
Binary-package: rancid-util (2.3.2~a8-1)
file: /var/lib/rancid/getipacctg
Binary-package: ogle (0.9.2-5.2)
file: /usr/lib/ogle/ogle_audio_debug
file: /usr/lib/ogle/ogle_cli_debug
file: /usr/lib/ogle/ogle_ctrl_debug
file: /usr/lib/ogle/ogle_gui_debug
file: /usr/lib/ogle/ogle_mpeg_ps_debug
file: /usr/lib/ogle/ogle_mpeg_vs_debug
file: /usr/lib/ogle/ogle_nav_debug
file: /usr/lib/ogle/ogle_vout_debug
Binary-package: firehol (1.256-4)
file: /sbin/firehol
Binary-package: aview (1.3.0rc1-8)
file: /usr/bin/asciiview
Binary-package: radiance (3R9+20080530-3)
file: /usr/bin/optics2rad
file: /usr/bin/pdelta
file: /usr/bin/dayfact
file: /usr/bin/raddepend
Binary-package: vdr-dbg (1.6.0-5)
file: /usr/bin/vdrleaktest
Binary-package: ogle-mmx (0.9.2-5.2)
file: /usr/lib/ogle/ogle_audio_debug
file: /usr/lib/ogle/ogle_cli_debug
file: /usr/lib/ogle/ogle_ctrl_debug
file: /usr/lib/ogle/ogle_gui_debug
file: /usr/lib/ogle/ogle_mpeg_ps_debug
file: /usr/lib/ogle/ogle_mpeg_vs_debug
file: /usr/lib/ogle/ogle_nav_debug
file: /usr/lib/ogle/ogle_vout_debug
Binary-package: convirt (0.8.2-3)
file: /usr/share/convirt/image_store/_template_/provision.sh
file: /usr/share/convirt/image_store/Linux_CD_Install/provision.sh
file: /usr/share/convirt/image_store/Fedora_PV_Install/provision.sh
file: /usr/share/convirt/image_store/CentOS_PV_Install/provision.sh
file: /usr/share/convirt/image_store/common/provision.sh
file: /usr/share/convirt/image_store/example/provision.sh
file: /usr/share/convirt/image_store/Windows_CD_Install/provision.sh
Binary-package: printfilters-ppd (2.13-9)
file: /usr/lib/printfilters/master-filter
Binary-package: r-base-core (2.7.1-1)
file: /usr/lib/R/bin/javareconf
file: /usr/lib/R/bin/javareconf.orig
Binary-package: xmcd (2.6-19.3)
file: /usr/share/xmcd/scripts/ncsarmt
file: /usr/share/xmcd/scripts/ncsawrap
Binary-package: tiger (1:3.2.2-3.1)
file: /usr/lib/tiger/util/genmsgidx
Binary-package: scilab-bin (4.1.2-5)
file: /usr/lib/scilab-4.1.2/bin/scilink
file: /usr/lib/scilab-4.1.2/util/scidoc
file: /usr/lib/scilab-4.1.2/util/scidem
Binary-package: dpkg-cross (2.3.0)
file: /usr/share/dpkg-cross/bin/gccross
Binary-package: ltp-network-test (20060918-2.1)
file: /usr/lib/debian-test/tests/linux/testcases/bin/ftp_setup_vsftp_conf
file: /usr/lib/debian-test/tests/linux/testcases/bin/nfs_fsstress.sh
Binary-package: cman (2.20080629-1)
file: /usr/sbin/fence_egenera
Binary-package: scratchbox2 (1.99.0.24-1)
file: /usr/share/scratchbox2/scripts/dpkg-checkbuilddeps
file: /usr/share/scratchbox2/scripts/sb2-check-pkg-mappings
Binary-package: sendmail-base (8.14.3-5)
file: /usr/sbin/checksendmail
file: /usr/bin/expn
Binary-package: fwbuilder (2.1.19-3)
file: /usr/bin/fwb_install
Binary-package: sng (1.0.2-5)
file: /usr/bin/sng_regress
Binary-package: dist (1:3.5-17-1)
file: /usr/bin/patcil
file: /usr/bin/patdiff
Binary-package: sympa (5.3.4-5)
file: /usr/lib/cgi-bin/sympa/wwsympa.fcgi
file: /usr/lib/sympa/bin/sympa.pl
Binary-package: postfix (2.5.2-2)
file: /usr/lib/postfix_groups.pl
Binary-package: caudium (3:1.4.12-11)
file: /usr/share/caudium/configvar
Binary-package: mgetty-fax (1.1.36-1.2)
file: /usr/bin/faxspool
Binary-package: aegis (4.24-3)
file: /usr/share/doc/aegis/examples/remind/bng_dvlpd.sh
file: /usr/share/doc/aegis/examples/remind/bng_rvwd.sh
file: /usr/share/doc/aegis/examples/remind/awt_dvlp.sh
file: /usr/share/doc/aegis/examples/remind/awt_intgrtn.sh
Binary-package: aegis-web (4.24-3)
file: /usr/lib/cgi-bin/aegis.cgi
Binary-package: digitaldj (0.7.5-6+b1)
file: /usr/share/digitaldj/fest.pl
Binary-package: mon (0.99.2-12)
file: /usr/lib/mon/alert.d/test.alert
Binary-package: feta (1.4.16)
file: /usr/share/feta/plugins/to-upgrade
Binary-package: arb-common (0.0.20071207.1-4)
file: /usr/lib/arb/SH/arb_fastdnaml
file: /usr/lib/arb/SH/dszmconnect.pl
Binary-package: qemu (0.9.1-5)
file: /usr/sbin/qemu-make-debian-root
Binary-package: apertium (3.0.7+1-1+b1)
file: /usr/bin/apertium-gen-deformat
file: /usr/bin/apertium-gen-reformat
file: /usr/bin/apertium
Binary-package: xcal (4.1-18.3)
file: /usr/bin/pscal
Binary-package: myspell-tools (1:3.1-20)
file: /usr/bin/i2myspell
Binary-package: gccxml (0.9.0+cvs20080525-1)
file: /usr/share/gccxml-0.9/MIPSpro/find_flags
Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
file: /usr/share/freeradius-dialupadmin/bin/backup_radacct
file: /usr/share/freeradius-dialupadmin/bin/clean_radacct
file: /usr/share/freeradius-dialupadmin/bin/monthly_tot_stats
file: /usr/share/freeradius-dialupadmin/bin/tot_stats
file: /usr/share/freeradius-dialupadmin/bin/truncate_radacct
Binary-package: dhis-server (5.3-1)
file: /usr/lib/dhis-server/dhis-dummy-log-engine
Binary-package: wims (3.62-13)
file: /var/lib/wims/public_html/bin/coqweb
file: /var/lib/wims/bin/account.sh
Binary-package: initramfs-tools (0.92f)
file: /usr/share/initramfs-tools/init
Binary-package: realtimebattle-common (1.0.8-7)
file: /usr/lib/realtimebattle/Robots/perl.robot
Binary-package: netmrg (0.20-1)
file: /usr/bin/rrdedit
Binary-package: bulmages-servers (0.11.1-2)
file: /usr/share/bulmages/examples/scripts/actualizabulmacont
file: /usr/share/bulmages/examples/scripts/installbulmages-db
file: /usr/share/bulmages/examples/scripts/creabulmafact
file: /usr/share/bulmages/examples/scripts/creabulmacont
file: /usr/share/bulmages/examples/scripts/actualizabulmafact
Binary-package: xastir (1.9.2-1)
file: /usr/lib/xastir/get-maptools.sh
file: /usr/lib/xastir/get_shapelib.sh
Binary-package: plait (1.5.2-1)
file: /usr/bin/plaiter
file: /usr/bin/plait
Binary-package: cdrw-taper (0.4-2)
file: /usr/sbin/amlabel-cdrw
Binary-package: konwert-filters (1.8-11.1)
file: /usr/share/konwert/filters/any-UTF8
Binary-package: gdrae (0.1-1)
file: /usr/bin/gdrae
Binary-package: lazarus-src (0.9.24-0-9)
file: /usr/lib/lazarus/tools/install/create_lazarus_export_tgz.sh
Tags added:
Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru>
to control@bugs.debian.org.
(Tue, 26 Aug 2008 08:45:27 GMT) (full text, mbox, link).
Tags added: security
Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru>
to control@bugs.debian.org.
(Tue, 26 Aug 2008 08:57:19 GMT) (full text, mbox, link).
Reply sent to Joop Stakenborg <pa3aba@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
Bug acknowledged by developer.
(full text, mbox, link).
Source: xastir
Source-Version: 1.9.2-1.1
We believe that the bug you reported is fixed in the latest version of
xastir, which is due to be installed in the Debian FTP archive:
xastir_1.9.2-1.1.diff.gz
to pool/main/x/xastir/xastir_1.9.2-1.1.diff.gz
xastir_1.9.2-1.1.dsc
to pool/main/x/xastir/xastir_1.9.2-1.1.dsc
xastir_1.9.2-1.1_i386.deb
to pool/main/x/xastir/xastir_1.9.2-1.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 496383@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joop Stakenborg <pa3aba@debian.org> (supplier of updated xastir package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 26 Aug 2008 15:48:02 +0200
Source: xastir
Binary: xastir
Architecture: source i386
Version: 1.9.2-1.1
Distribution: unstable
Urgency: low
Maintainer: Debian Hams group <debian-hams@lists.debian.org>
Changed-By: Joop Stakenborg <pa3aba@debian.org>
Description:
xastir - X Amateur Station Tracking and Information Reporting
Closes: 496383
Changes:
xastir (1.9.2-1.1) unstable; urgency=low
.
* Non-maintainer upload.
* Fix attack with the help of symlinks. scripts/get-maptools.sh and
scripts/get_shapelib.sh now use mktemp -t. Closes: #496383.
* Add myself to the uploaders field.
Checksums-Sha1:
894dbdee7d192760c6891d878ab839a3a038e38a 1321 xastir_1.9.2-1.1.dsc
519d2c737d6394eac7efd75041c9b69fdc0e73b6 89335 xastir_1.9.2-1.1.diff.gz
99fe0c3fd9833be972cd4ae9620beb17e6f86362 1354756 xastir_1.9.2-1.1_i386.deb
Checksums-Sha256:
7b57f1b7cb3dafa3921cda69a1320d5e544a7babeb0d9789e16c31e155c15595 1321 xastir_1.9.2-1.1.dsc
f0b49ef61b5a8ede4457bbec9923fb5d2454e5f9f287f7c8083bdc60339fe606 89335 xastir_1.9.2-1.1.diff.gz
7e0e8a839098c25ba06bf639322112dc95ad432432cbe32adffc9c23b2d5fd72 1354756 xastir_1.9.2-1.1_i386.deb
Files:
d4133bfec8b535a6a79823e22142cbfd 1321 hamradio optional xastir_1.9.2-1.1.dsc
d46725443e497d3a238ba2d47b64d6a8 89335 hamradio optional xastir_1.9.2-1.1.diff.gz
cb85ac00eb392d0829b32c7dc19c2be3 1354756 hamradio optional xastir_1.9.2-1.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAki0CtoACgkQ/CqtjGLxpX8N4wCeN2bNWFZrZJDnqDOOCJGaGYnp
v10AnAhmYsPpt6Lc/S7IejQVjLIYnGMy
=aoJw
-----END PGP SIGNATURE-----
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to Tomas Hoger <thoger@redhat.com>:
Extra info received and forwarded to list. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
Hi Joop!
You probably wanted to use:
TMPFILE=`mktemp -t`
instead of
TMPFILE = 'mktemp -t'
in your patch for #496383, right?
HTH
--
Tomas Hoger
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to Joop Stakenborg <pa3aba@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
Bug reopened, originator not changed.
Request was from Gerfried Fuchs <rhonda@debian.at>
to control@bugs.debian.org.
(Sun, 31 Aug 2008 15:57:02 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to Gerfried Fuchs <rhonda@deb.at>:
Extra info received and forwarded to list. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
* Joop Stakenborg <pa3aba@debian.org> [2008-08-28 16:53:41 CEST]:
> Op donderdag 28-08-2008 om 16:06 uur [tijdzone +0200], schreef Tomas
> Hoger:
> > You probably wanted to use:
> > TMPFILE=`mktemp -t`
> > instead of
> > TMPFILE = 'mktemp -t'
> > in your patch for #496383, right?
>
> Ouch, will fix ASAP, thanks!
You didn't, the required fix required to use backticks instead of
quotes ...
I'm currently building an NMU to fix this problem (find attached the
interdiff for it). Furthermore, the TMPFILE never gets removed, is there
a particular reason to not do so?
So long,
Rhonda
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to Gerfried Fuchs <rhonda@deb.at>:
Extra info received and forwarded to list. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
* Gerfried Fuchs <rhonda@deb.at> [2008-08-31 18:06:54 CEST]:
> I'm currently building an NMU to fix this problem (find attached the
> interdiff for it). Furthermore, the TMPFILE never gets removed, is there
> a particular reason to not do so?
Uploaded, one further question, did you actually at any point take a
look at the lintian output of the package? It's a fair bit, even
including an Error and not only Warnings, and some of the Warnings do
indeed look a bit fishy, especially the
debian-rules-calls-debhelper-in-odd-order one.
So long,
Rhonda
Reply sent to Gerfried Fuchs <rhonda@debian.at>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
Bug acknowledged by developer.
(full text, mbox, link).
Source: xastir
Source-Version: 1.9.2-2.1
We believe that the bug you reported is fixed in the latest version of
xastir, which is due to be installed in the Debian FTP archive:
xastir_1.9.2-2.1.diff.gz
to pool/main/x/xastir/xastir_1.9.2-2.1.diff.gz
xastir_1.9.2-2.1.dsc
to pool/main/x/xastir/xastir_1.9.2-2.1.dsc
xastir_1.9.2-2.1_powerpc.deb
to pool/main/x/xastir/xastir_1.9.2-2.1_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 496383@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gerfried Fuchs <rhonda@debian.at> (supplier of updated xastir package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 31 Aug 2008 17:55:56 +0200
Source: xastir
Binary: xastir
Architecture: source powerpc
Version: 1.9.2-2.1
Distribution: unstable
Urgency: low
Maintainer: Debian Hams group <debian-hams@lists.debian.org>
Changed-By: Gerfried Fuchs <rhonda@debian.at>
Description:
xastir - X Amateur Station Tracking and Information Reporting
Closes: 496383
Changes:
xastir (1.9.2-2.1) unstable; urgency=low
.
* NMU to fix security bug: Actually use backticks instead of quotes for the
mktemp call (closes: #496383)
Checksums-Sha1:
cdce05db11d1cea3ae8a347c60ad667121fd497f 1321 xastir_1.9.2-2.1.dsc
97fec3335125ff7cfdbc8bebc6ec4ccb897fef04 89549 xastir_1.9.2-2.1.diff.gz
23cfd0db57e3147664937198c37c10ae44d5f780 1302748 xastir_1.9.2-2.1_powerpc.deb
Checksums-Sha256:
0d90c55e4d8ba7e12f3bbe72ffd7762723ccb24bbcf2c2d127ca5586acdccc7a 1321 xastir_1.9.2-2.1.dsc
1d57ea458515b8321049e2adabbc68df49f5c048fb6fe1c397f144588f9aa616 89549 xastir_1.9.2-2.1.diff.gz
eaa4374c70475a4f2e78206854b5988def04e4a2d049e5a78a5a8f012283609d 1302748 xastir_1.9.2-2.1_powerpc.deb
Files:
d369d3851df42efecc0be7f0dbb27bab 1321 hamradio optional xastir_1.9.2-2.1.dsc
0bd992d4cb111d862388b6a3f453e108 89549 hamradio optional xastir_1.9.2-2.1.diff.gz
f4264fae49f675b25032caa140166d40 1302748 hamradio optional xastir_1.9.2-2.1_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAki6xHcACgkQELuA/Ba9d8bznACdFi8ArUaOHz+oh729jQebc2vz
z8EAoLpVTDhIaMWhhfOlXzPDfuKIjpAv
=EMD+
-----END PGP SIGNATURE-----
Information forwarded to debian-bugs-dist@lists.debian.org, Debian Hams group <debian-hams@lists.debian.org>: Bug#496383; Package xastir.
(full text, mbox, link).
Acknowledgement sent to Joop Stakenborg <pa3aba@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Hams group <debian-hams@lists.debian.org>.
(full text, mbox, link).
Op zondag 31-08-2008 om 18:06 uur [tijdzone +0200], schreef Gerfried
Fuchs:
> * Joop Stakenborg <pa3aba@debian.org> [2008-08-28 16:53:41 CEST]:
> > Op donderdag 28-08-2008 om 16:06 uur [tijdzone +0200], schreef Tomas
> > Hoger:
> > > You probably wanted to use:
> > > TMPFILE=`mktemp -t`
> > > instead of
> > > TMPFILE = 'mktemp -t'
> > > in your patch for #496383, right?
> >
> > Ouch, will fix ASAP, thanks!
>
> You didn't, the required fix required to use backticks instead of
> quotes ...
>
I am sorry, I am not a very good shell script writer.
> I'm currently building an NMU to fix this problem (find attached the
> interdiff for it). Furthermore, the TMPFILE never gets removed, is there
> a particular reason to not do so?
>
No reason.
I will contact upstream so the next version will fix this.
> So long,
> Rhonda
Thanks,
Joop
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.