Debian Bug report logs - #496422
The possibility of attack with the help of symlinks in some Debian packages

version graph

Package: aview; Maintainer for aview is Uwe Hermann <uwe@debian.org>; Source for aview is src:aview.

Reported by: "Dmitry E. Oboukhov" <dimka@uvw.ru>

Date: Sun, 24 Aug 2008 18:11:48 UTC

Severity: grave

Tags: confirmed, patch, security

Fixed in version aview/1.3.0rc1-8.1

Done: Gerfried Fuchs <rhonda@debian.at>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
New Bug report received and forwarded. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "Dmitry E. Oboukhov" <dimka@uvw.ru>
To: submit@bugs.debian.org
Cc: dimka@uvw.ru
Subject: The possibility of attack with the help of symlinks in some Debian packages
Date: Sun, 24 Aug 2008 22:05:29 +0400
Package: aview
Severity: grave

Hi, maintainer!

This message about the error concerns a few packages  at  once.   I've
tested all the packages (for Lenny) on my Debian mirror.  All  scripts
of packages (marked as executable) were tested.

In some packages I've discovered scripts with errors which may be used
by a user for damaging important system files or user's files.

For example if a script uses in its work a temp file which is  created
in /tmp directory, then every user can create symlink  with  the  same
name in this directory in order to  destroy  or  rewrite  some  system
or user file.  Symlink attack may also  lead  not  only  to  the  data
desctruction but to denial of service as well.

Even if you create files or directories with help of function 'RANDOM'
or pid(), then your system is not protected. Attacker can create many
symlinks in order to destroy your data or create 'denial  of  service'
for your package scripts.

Even if you make rm(dir) for files/directories, then  your  system  is
not protected. Attacker can permanently create symlinks.

This list is created with the help of script.  This list is sorted  by
hand. Howewer in some cases mistake is possible.

Please, Be understanding to possible mistakes. :)

I set Severity into grave for this bug. The table of discovered
problems is below.

Discussion of this bug you can see in debian-devel@:
    http://lists.debian.org/debian-devel/2008/08/msg00271.html

Binary-package: r-base-core-ra (1.1.1-1)
    file: /usr/lib/Ra/lib/R/bin/javareconf
Binary-package: rccp (0.9-2)
    file: /usr/lib/rccp/delqueueask
Binary-package: mafft (6.240-1)
    file: /usr/bin/mafft-homologs
Binary-package: openoffice.org-common (1:2.4.1-6)
    file: /usr/lib/openoffice/program/senddoc
Binary-package: crossfire-maps (1.11.0-1)
    file: /usr/share/games/crossfire/maps/Info/combine.pl
Binary-package: sgml2x (1.0.0-11.1)
    file: /usr/bin/rlatex
Binary-package: liguidsoap (0.3.6-4)
    file: /var/lib/liguidsoap/liguidsoap.py
Binary-package: citadel-server (7.37-1)
    file: /usr/lib/citadel-server/migrate_aliases.sh
Binary-package: ampache (3.4.1-1)
    file: /usr/share/ampache/www/locale/base/gather-messages.sh
Binary-package: xen-utils-3.2-1 (3.2.1-2)
    file: /usr/lib/xen-3.2-1/bin/qemu-dm.debug
Binary-package: dtc-common (0.29.6-1)
    file: /usr/share/dtc/admin/accesslog.php
    file: /usr/share/dtc/admin/sa-wrapper
Binary-package: honeyd-common (1.5c-3)
    file: /usr/share/honeyd/scripts/test.sh
Binary-package: lustre-tests (1.6.5-1)
    file: /usr/lib/lustre/tests/runiozone
Binary-package: linuxtrade (3.65-8+b4)
    file: /usr/share/linuxtrade/bin/linuxtrade.bwkvol
    file: /usr/share/linuxtrade/bin/linuxtrade.wn
    file: /usr/share/linuxtrade/bin/moneyam.helper
Binary-package: freevo (1.8.1-0)
    file: /usr/bin/freevo.real
Binary-package: fml (4.0.3.dfsg-2)
    file: /usr/share/fml/libexec/mead.pl
Binary-package: rkhunter (1.3.2-3)
    file: /usr/bin/rkhunter
Binary-package: openswan (1:2.4.12+dfsg-1.1)
    file: /usr/lib/ipsec/livetest
Binary-package: linux-patch-openswan (1:2.4.12+dfsg-1.1)
    file: /usr/src/kernel-patches/all/openswan/packaging/utils/maysnap
    file: /usr/src/kernel-patches/all/openswan/packaging/utils/maytest
Binary-package: aptoncd (0.1-1.1)
    file: /usr/share/aptoncd/xmlfile.py
Binary-package: cdcontrol (1.90-1.1)
    file: /usr/lib/cdcontrol/writtercontrol
Binary-package: newsgate (1.6-23)
    file: /usr/bin/mkmailpost
Binary-package: gpsdrive-scripts (2.10~pre4-3)
    file: /usr/bin/geo-code
Binary-package: impose+ (0.2-11)
    file: /usr/bin/impose
Binary-package: mgt (2.31-5)
    file: /usr/games/mailgo
Binary-package: audiolink (0.05-1)
    file: /usr/bin/audiolink
Binary-package: ibackup (2.27-4.1)
    file: /usr/bin/ibackup
Binary-package: emacspeak (26.0-3)
    file: /usr/share/emacs/site-lisp/emacspeak/etc/extract-table.pl
Binary-package: bk2site (1:1.1.9-3.1)
    file: /usr/lib/cgi-bin/bk2site/redirect.pl
Binary-package: datafreedom-perl (0.1.7-1)
    file: /usr/bin/dfxml-invoice
Binary-package: emacs-jabber (0.7.91-1)
    file: /usr/lib/emacsen-common/packages/install/emacs-jabber
Binary-package: lmbench (3.0-a7-1)
    file: /usr/lib/lmbench/scripts/rccs
    file: /usr/lib/lmbench/scripts/STUFF
Binary-package: rancid-util (2.3.2~a8-1)
    file: /var/lib/rancid/getipacctg
Binary-package: ogle (0.9.2-5.2)
    file: /usr/lib/ogle/ogle_audio_debug
    file: /usr/lib/ogle/ogle_cli_debug
    file: /usr/lib/ogle/ogle_ctrl_debug
    file: /usr/lib/ogle/ogle_gui_debug
    file: /usr/lib/ogle/ogle_mpeg_ps_debug
    file: /usr/lib/ogle/ogle_mpeg_vs_debug
    file: /usr/lib/ogle/ogle_nav_debug
    file: /usr/lib/ogle/ogle_vout_debug
Binary-package: firehol (1.256-4)
    file: /sbin/firehol
Binary-package: aview (1.3.0rc1-8)
    file: /usr/bin/asciiview
Binary-package: radiance (3R9+20080530-3)
    file: /usr/bin/optics2rad
    file: /usr/bin/pdelta
    file: /usr/bin/dayfact
    file: /usr/bin/raddepend
Binary-package: vdr-dbg (1.6.0-5)
    file: /usr/bin/vdrleaktest
Binary-package: ogle-mmx (0.9.2-5.2)
    file: /usr/lib/ogle/ogle_audio_debug
    file: /usr/lib/ogle/ogle_cli_debug
    file: /usr/lib/ogle/ogle_ctrl_debug
    file: /usr/lib/ogle/ogle_gui_debug
    file: /usr/lib/ogle/ogle_mpeg_ps_debug
    file: /usr/lib/ogle/ogle_mpeg_vs_debug
    file: /usr/lib/ogle/ogle_nav_debug
    file: /usr/lib/ogle/ogle_vout_debug
Binary-package: convirt (0.8.2-3)
    file: /usr/share/convirt/image_store/_template_/provision.sh
    file: /usr/share/convirt/image_store/Linux_CD_Install/provision.sh
    file: /usr/share/convirt/image_store/Fedora_PV_Install/provision.sh
    file: /usr/share/convirt/image_store/CentOS_PV_Install/provision.sh
    file: /usr/share/convirt/image_store/common/provision.sh
    file: /usr/share/convirt/image_store/example/provision.sh
    file: /usr/share/convirt/image_store/Windows_CD_Install/provision.sh
Binary-package: printfilters-ppd (2.13-9)
    file: /usr/lib/printfilters/master-filter
Binary-package: r-base-core (2.7.1-1)
    file: /usr/lib/R/bin/javareconf
    file: /usr/lib/R/bin/javareconf.orig
Binary-package: xmcd (2.6-19.3)
    file: /usr/share/xmcd/scripts/ncsarmt
    file: /usr/share/xmcd/scripts/ncsawrap
Binary-package: tiger (1:3.2.2-3.1)
    file: /usr/lib/tiger/util/genmsgidx
Binary-package: scilab-bin (4.1.2-5)
    file: /usr/lib/scilab-4.1.2/bin/scilink
    file: /usr/lib/scilab-4.1.2/util/scidoc
    file: /usr/lib/scilab-4.1.2/util/scidem
Binary-package: dpkg-cross (2.3.0)
    file: /usr/share/dpkg-cross/bin/gccross
Binary-package: ltp-network-test (20060918-2.1)
    file: /usr/lib/debian-test/tests/linux/testcases/bin/ftp_setup_vsftp_conf
    file: /usr/lib/debian-test/tests/linux/testcases/bin/nfs_fsstress.sh
Binary-package: cman (2.20080629-1)
    file: /usr/sbin/fence_egenera
Binary-package: scratchbox2 (1.99.0.24-1)
    file: /usr/share/scratchbox2/scripts/dpkg-checkbuilddeps
    file: /usr/share/scratchbox2/scripts/sb2-check-pkg-mappings
Binary-package: sendmail-base (8.14.3-5)
    file: /usr/sbin/checksendmail
    file: /usr/bin/expn
Binary-package: fwbuilder (2.1.19-3)
    file: /usr/bin/fwb_install
Binary-package: sng (1.0.2-5)
    file: /usr/bin/sng_regress
Binary-package: dist (1:3.5-17-1)
    file: /usr/bin/patcil
    file: /usr/bin/patdiff
Binary-package: sympa (5.3.4-5)
    file: /usr/lib/cgi-bin/sympa/wwsympa.fcgi
    file: /usr/lib/sympa/bin/sympa.pl
Binary-package: postfix (2.5.2-2)
    file: /usr/lib/postfix_groups.pl
Binary-package: caudium (3:1.4.12-11)
    file: /usr/share/caudium/configvar
Binary-package: mgetty-fax (1.1.36-1.2)
    file: /usr/bin/faxspool
Binary-package: aegis (4.24-3)
    file: /usr/share/doc/aegis/examples/remind/bng_dvlpd.sh
    file: /usr/share/doc/aegis/examples/remind/bng_rvwd.sh
    file: /usr/share/doc/aegis/examples/remind/awt_dvlp.sh
    file: /usr/share/doc/aegis/examples/remind/awt_intgrtn.sh
Binary-package: aegis-web (4.24-3)
    file: /usr/lib/cgi-bin/aegis.cgi
Binary-package: digitaldj (0.7.5-6+b1)
    file: /usr/share/digitaldj/fest.pl
Binary-package: mon (0.99.2-12)
    file: /usr/lib/mon/alert.d/test.alert
Binary-package: feta (1.4.16)
    file: /usr/share/feta/plugins/to-upgrade
Binary-package: arb-common (0.0.20071207.1-4)
    file: /usr/lib/arb/SH/arb_fastdnaml
    file: /usr/lib/arb/SH/dszmconnect.pl
Binary-package: qemu (0.9.1-5)
    file: /usr/sbin/qemu-make-debian-root
Binary-package: apertium (3.0.7+1-1+b1)
    file: /usr/bin/apertium-gen-deformat
    file: /usr/bin/apertium-gen-reformat
    file: /usr/bin/apertium
Binary-package: xcal (4.1-18.3)
    file: /usr/bin/pscal
Binary-package: myspell-tools (1:3.1-20)
    file: /usr/bin/i2myspell
Binary-package: gccxml (0.9.0+cvs20080525-1)
    file: /usr/share/gccxml-0.9/MIPSpro/find_flags
Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4)
    file: /usr/share/freeradius-dialupadmin/bin/backup_radacct
    file: /usr/share/freeradius-dialupadmin/bin/clean_radacct
    file: /usr/share/freeradius-dialupadmin/bin/monthly_tot_stats
    file: /usr/share/freeradius-dialupadmin/bin/tot_stats
    file: /usr/share/freeradius-dialupadmin/bin/truncate_radacct
Binary-package: dhis-server (5.3-1)
    file: /usr/lib/dhis-server/dhis-dummy-log-engine
Binary-package: wims (3.62-13)
    file: /var/lib/wims/public_html/bin/coqweb
    file: /var/lib/wims/bin/account.sh
Binary-package: initramfs-tools (0.92f)
    file: /usr/share/initramfs-tools/init
Binary-package: realtimebattle-common (1.0.8-7)
    file: /usr/lib/realtimebattle/Robots/perl.robot
Binary-package: netmrg (0.20-1)
    file: /usr/bin/rrdedit
Binary-package: bulmages-servers (0.11.1-2)
    file: /usr/share/bulmages/examples/scripts/actualizabulmacont
    file: /usr/share/bulmages/examples/scripts/installbulmages-db
    file: /usr/share/bulmages/examples/scripts/creabulmafact
    file: /usr/share/bulmages/examples/scripts/creabulmacont
    file: /usr/share/bulmages/examples/scripts/actualizabulmafact
Binary-package: xastir (1.9.2-1)
    file: /usr/lib/xastir/get-maptools.sh
    file: /usr/lib/xastir/get_shapelib.sh
Binary-package: plait (1.5.2-1)
    file: /usr/bin/plaiter
    file: /usr/bin/plait
Binary-package: cdrw-taper (0.4-2)
    file: /usr/sbin/amlabel-cdrw
Binary-package: konwert-filters (1.8-11.1)
    file: /usr/share/konwert/filters/any-UTF8
Binary-package: gdrae (0.1-1)
    file: /usr/bin/gdrae
Binary-package: lazarus-src (0.9.24-0-9)
    file: /usr/lib/lazarus/tools/install/create_lazarus_export_tgz.sh




Noted your statement that Bug has been forwarded to http://sf.net/support/tracker.php?aid=2072147. Request was from "Thijs Kinkhorst" <thijs@debian.org> to control@bugs.debian.org. (Sun, 24 Aug 2008 20:15:03 GMT) Full text and rfc822 format available.

Removed annotation that Bug had been forwarded to http://sf.net/support/tracker.php?aid=2072147. Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Mon, 25 Aug 2008 11:24:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Thijs Kinkhorst <thijs@debian.org>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #14 received at 496422@bugs.debian.org (full text, mbox):

From: Thijs Kinkhorst <thijs@debian.org>
To: 496422@bugs.debian.org
Cc: control@bugs.debian.org
Subject: issue confirmed
Date: Mon, 25 Aug 2008 17:49:19 +0200
[Message part 1 (text/plain, inline)]
tags 496422 confirmed security
thanks

Hi,

The issue is indeed clearly present in asciiview, for example:

    myconvert $name >/tmp/aview$$.pgm

Since it's a shell script this can probably be quite easily addressed by using 
the essential 'mktemp' to create the temporary file.


cheers,
Thijs

[Message part 2 (application/pgp-signature, inline)]

Tags added: confirmed, security Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Mon, 25 Aug 2008 15:51:08 GMT) Full text and rfc822 format available.

Tags added: Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru> to control@bugs.debian.org. (Tue, 26 Aug 2008 08:45:51 GMT) Full text and rfc822 format available.

Tags added: security Request was from "Dmitry E. Oboukhov" <dimka@uvw.ru> to control@bugs.debian.org. (Tue, 26 Aug 2008 08:57:40 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Patryk Cisek <patryk@prezu.one.pl>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>.

Your message did not contain a Subject field. They are recommended and useful because the title of a $gBug is determined using this field. Please remember to include a Subject field in your messages in future.

Full text and rfc822 format available.


Message #25 received at 496422@bugs.debian.org (full text, mbox):

From: Patryk Cisek <patryk@prezu.one.pl>
To: 496422@bugs.debian.org
Date: Sun, 31 Aug 2008 16:28:09 +0200
[Message part 1 (text/plain, inline)]
I attached a patch with a fix for this bug.
-- 
Patryk Cisek
[496422.patch (text/x-diff, attachment)]
[signature.asc (application/pgp-signature, inline)]

Tags added: patch Request was from Patryk Cisek <patryk@prezu.one.pl> to control@bugs.debian.org. (Sun, 31 Aug 2008 14:30:04 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Gerfried Fuchs <rhonda@deb.at>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #32 received at 496422@bugs.debian.org (full text, mbox):

From: Gerfried Fuchs <rhonda@deb.at>
To: Patryk Cisek <patryk@prezu.one.pl>, 496422@bugs.debian.org
Subject: Re: Bug#496422: (no subject)
Date: Mon, 1 Sep 2008 12:00:42 +0200
* Patryk Cisek <patryk@prezu.one.pl> [2008-08-31 16:28:09 CEST]:
> I attached a patch with a fix for this bug.

 Unfortunately your patch contains another problem: It cleans up any
files instead of only the process's own created ones which lead to
runtime issues with multiple concurent running instances.

 As the trap function for exit has access to all the variables used at
the time it's called there is no problem having clear() directly
"rm -f $tmpfilenam" instead.

 I'm currently testing that approach and will upload an NMU in a short
while.

 So long,
Rhonda




Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Gerfried Fuchs <rhonda@deb.at>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #37 received at 496422@bugs.debian.org (full text, mbox):

From: Gerfried Fuchs <rhonda@deb.at>
To: Patryk Cisek <patryk@prezu.one.pl>, 496422@bugs.debian.org
Subject: Re: Bug#496422: (no subject)
Date: Mon, 1 Sep 2008 12:38:52 +0200
[Message part 1 (text/plain, inline)]
* Gerfried Fuchs <rhonda@deb.at> [2008-09-01 12:00:42 CEST]:
> * Patryk Cisek <patryk@prezu.one.pl> [2008-08-31 16:28:09 CEST]:
> > I attached a patch with a fix for this bug.
> 
>  Unfortunately your patch contains another problem: It cleans up any
> files instead of only the process's own created ones which lead to
> runtime issues with multiple concurent running instances.

 ... furthermore, the tempfilenam you introduced doesn't end in .pgm and
thus the script doesn't work. Did you actually test your patch? :)

 Find attached the interdiff with a tested patch for the NMU I uploaded
just right now.

 So long, and thanks for taking care of this nice tool. :)
Rhonda
[aview_1.3.0rc1-8_1.3.0rc1-8.1.interdiff.gz (application/octet-stream, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Patryk Cisek <patryk@prezu.one.pl>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #42 received at 496422@bugs.debian.org (full text, mbox):

From: Patryk Cisek <patryk@prezu.one.pl>
To: Gerfried Fuchs <rhonda@deb.at>
Cc: 496422@bugs.debian.org
Subject: Re: Bug#496422: (no subject)
Date: Mon, 1 Sep 2008 13:00:17 +0200
[Message part 1 (text/plain, inline)]
Monday 01 of September 2008 12:38:52 Gerfried Fuchs napisał(a):
>  ... furthermore, the tempfilenam you introduced doesn't end in .pgm and
> thus the script doesn't work. Did you actually test your patch? :)
Yes, I tested it with jpg files. I didn't have any .fli, .lfc, or .flic, so 
didn't check those. Only if the aview  $options $tmpfilenam executes. So the 
problem you're referring to is related to those files? Just out of curiosity, 
could you please shed some light on it? I mean the .pgm file name extension 
problem. :] Cause with jpeg works just as expected. 

-- 
Patryk Cisek
[signature.asc (application/pgp-signature, inline)]

Reply sent to Gerfried Fuchs <rhonda@debian.at>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to "Dmitry E. Oboukhov" <dimka@uvw.ru>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #47 received at 496422-close@bugs.debian.org (full text, mbox):

From: Gerfried Fuchs <rhonda@debian.at>
To: 496422-close@bugs.debian.org
Subject: Bug#496422: fixed in aview 1.3.0rc1-8.1
Date: Mon, 01 Sep 2008 10:47:03 +0000
Source: aview
Source-Version: 1.3.0rc1-8.1

We believe that the bug you reported is fixed in the latest version of
aview, which is due to be installed in the Debian FTP archive:

aview_1.3.0rc1-8.1.diff.gz
  to pool/main/a/aview/aview_1.3.0rc1-8.1.diff.gz
aview_1.3.0rc1-8.1.dsc
  to pool/main/a/aview/aview_1.3.0rc1-8.1.dsc
aview_1.3.0rc1-8.1_powerpc.deb
  to pool/main/a/aview/aview_1.3.0rc1-8.1_powerpc.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 496422@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gerfried Fuchs <rhonda@debian.at> (supplier of updated aview package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 01 Sep 2008 12:14:00 +0200
Source: aview
Binary: aview
Architecture: source powerpc
Version: 1.3.0rc1-8.1
Distribution: unstable
Urgency: low
Maintainer: Uwe Hermann <uwe@debian.org>
Changed-By: Gerfried Fuchs <rhonda@debian.at>
Description: 
 aview      - A high quality ASCII art image viewer and video player
Closes: 496422
Changes: 
 aview (1.3.0rc1-8.1) unstable; urgency=low
 .
   * Non-maintainer upload fixing security propblem with tmp files, thanks to
     Patryk Cisek for the idea (closes: #496422)
Checksums-Sha1: 
 8d7210764f3bfb9eb0ebc154c85a7139274c6b91 980 aview_1.3.0rc1-8.1.dsc
 ae3ec8fd09a2dfab02c7af1a81665ec5d9fd6229 8300 aview_1.3.0rc1-8.1.diff.gz
 0eeb643c99493f63ca1f9e4231fdb5d93237c872 34532 aview_1.3.0rc1-8.1_powerpc.deb
Checksums-Sha256: 
 a46fd20167e71803115ad25981be2fda7b1ad592d14d68fc8c6f1cd5f65ecaee 980 aview_1.3.0rc1-8.1.dsc
 4e63dccf1e8145c586d682621ca04286e5c1437ee0c2b63a9c0fc8f220675201 8300 aview_1.3.0rc1-8.1.diff.gz
 c59fa0dd1763d2b5e31dc87672da6fcbd63372faabbb31d27d27545928d1e07e 34532 aview_1.3.0rc1-8.1_powerpc.deb
Files: 
 385c0eb34a13d44fc7d9844dc7e86f16 980 graphics optional aview_1.3.0rc1-8.1.dsc
 1678a32e1a9dde03cfd264aa886faeca 8300 graphics optional aview_1.3.0rc1-8.1.diff.gz
 d35079bd2c58ece9dbf1ca63a63384ff 34532 graphics optional aview_1.3.0rc1-8.1_powerpc.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAki7xjcACgkQELuA/Ba9d8Y04QCgpvUXY4LW48ucBIdV+NIjDtJD
U5EAn20rmM3jmx3Jknh0QXzKkF8f93PX
=3Ote
-----END PGP SIGNATURE-----





Information forwarded to debian-bugs-dist@lists.debian.org, Uwe Hermann <uwe@debian.org>:
Bug#496422; Package aview. Full text and rfc822 format available.

Acknowledgement sent to Gerfried Fuchs <rhonda@deb.at>:
Extra info received and forwarded to list. Copy sent to Uwe Hermann <uwe@debian.org>. Full text and rfc822 format available.

Message #52 received at 496422@bugs.debian.org (full text, mbox):

From: Gerfried Fuchs <rhonda@deb.at>
To: Patryk Cisek <patryk@prezu.one.pl>, 496422@bugs.debian.org
Subject: Re: Bug#496422: (no subject)
Date: Mon, 1 Sep 2008 13:44:32 +0200
* Patryk Cisek <patryk@prezu.one.pl> [2008-09-01 13:00:17 CEST]:
> Monday 01 of September 2008 12:38:52 Gerfried Fuchs napisał(a):
> >  ... furthermore, the tempfilenam you introduced doesn't end in .pgm and
> > thus the script doesn't work. Did you actually test your patch? :)
>
> Yes, I tested it with jpg files. I didn't have any .fli, .lfc, or .flic, so 
> didn't check those. Only if the aview  $options $tmpfilenam executes. So the 
> problem you're referring to is related to those files? Just out of curiosity, 
> could you please shed some light on it? I mean the .pgm file name extension 
> problem. :] Cause with jpeg works just as expected. 

 Erm, that problem was a problem at my end at first, because I didn't
like the mktemp -u approach you chose, because of hopefully
understandable reasons. It would still had been a race condition, just a
very limited one. So I just removed the -u switch but didn't notice the
error message that mkfifo wasn't able to create the fifo - and thus in
the end the rest failed obviously.

 As I was going a different path anyway, that small understanding
problem with your approach wasn't a big problem. Sorry for the
confusion. :)

 So long! :)
Rhonda




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 16 Mar 2009 08:10:31 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 11:19:40 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.