diff options
| author |   Carsten Lohrke <carlo@gentoo.org> | 2005-08-14 23:28:24 +0000 |
|---|---|---|
| committer | Carsten Lohrke <carlo@gentoo.org> | 2005-08-14 23:28:24 +0000 |
| commit | 822ac601dfd4a21c87bd112aa6976c333593953d (patch) | |
| tree | 74988b54b2ff7a38ecf788535b99de8f086b85d4 /kde-base | |
| parent | Security release (diff) | |
| download | gentoo-2-822ac601dfd4a21c87bd112aa6976c333593953d.tar.gz gentoo-2-822ac601dfd4a21c87bd112aa6976c333593953d.tar.bz2 gentoo-2-822ac601dfd4a21c87bd112aa6976c333593953d.zip | |
temp file vulnerability, #102151
(Portage version: 2.0.51.22-r2)
Diffstat (limited to 'kde-base')
| -rw-r--r-- | kde-base/kvoctrain/ChangeLog | 10 | ||||
| -rw-r--r-- | kde-base/kvoctrain/Manifest | 17 | ||||
| -rw-r--r-- | kde-base/kvoctrain/files/digest-kvoctrain-3.4.1-r1 | 3 | ||||
| -rw-r--r-- | kde-base/kvoctrain/files/digest-kvoctrain-3.4.2-r1 | 1 | ||||
| -rw-r--r-- | kde-base/kvoctrain/files/post-3.4.2-kdeedu.diff | 63 | ||||
| -rw-r--r-- | kde-base/kvoctrain/kvoctrain-3.4.1-r1.ebuild | 14 | ||||
| -rw-r--r-- | kde-base/kvoctrain/kvoctrain-3.4.2-r1.ebuild | 14 |
7 files changed, 110 insertions, 12 deletions
diff --git a/kde-base/kvoctrain/ChangeLog b/kde-base/kvoctrain/ChangeLog index e4180e313375..ea3f3d40ec16 100644 --- a/kde-base/kvoctrain/ChangeLog +++ b/kde-base/kvoctrain/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for kde-base/kvoctrain # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/kde-base/kvoctrain/ChangeLog,v 1.14 2005/08/08 22:12:01 kloeri Exp $ +# $Header: /var/cvsroot/gentoo-x86/kde-base/kvoctrain/ChangeLog,v 1.15 2005/08/14 23:28:24 carlo Exp $ + +*kvoctrain-3.4.2-r1 (14 Aug 2005) +*kvoctrain-3.4.1-r1 (14 Aug 2005) + + 14 Aug 2005; Carsten Lohrke <carlo@gentoo.org> + +files/post-3.4.2-kdeedu.diff, +kvoctrain-3.4.1-r1.ebuild, + +kvoctrain-3.4.2-r1.ebuild: + temp file vulnerability, #102151 08 Aug 2005; Bryan Østergaard <kloeri@gentoo.org> kvoctrain-3.4.2.ebuild: ~alpha keyword. diff --git a/kde-base/kvoctrain/Manifest b/kde-base/kvoctrain/Manifest index 5877a96faf86..c5825824150b 100644 --- a/kde-base/kvoctrain/Manifest +++ b/kde-base/kvoctrain/Manifest @@ -1,16 +1,11 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 13b08d00ea3c4f83f8dba7074346116e ChangeLog 2188 MD5 8284d599d20f0383033231206708527e kvoctrain-3.4.1.ebuild 403 +MD5 0baf4607a66722193b4cc12ee98067d4 kvoctrain-3.4.2-r1.ebuild 350 +MD5 74c5f4eba971e762f711914236b50deb kvoctrain-3.4.1-r1.ebuild 451 MD5 ca8c48071edcecf35a1214f245c75ddc kvoctrain-3.4.2.ebuild 416 +MD5 8f08fec94e5daa1319b9c82c9363be88 ChangeLog 2433 MD5 acc03a4b12bb0433a57e95bd253b9501 metadata.xml 156 MD5 c5fa588b242d6077e2c13bc01f2e0761 files/digest-kvoctrain-3.4.1 208 MD5 0a69a5cb72c99f0ecc6f31877d6a228d files/digest-kvoctrain-3.4.2 67 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.2 (GNU/Linux) - -iD8DBQFC99i9Kf2g/qXtneoRAlayAKC3aPXh61ksq7k1j2n5KmDMuNUnmQCgtJLn -bMYU1FKDvyfUnD9F7U/Lrrg= -=/ml0 ------END PGP SIGNATURE----- +MD5 0e82c5810df3b04370188ba13cc50203 files/post-3.4.2-kdeedu.diff 1876 +MD5 c5fa588b242d6077e2c13bc01f2e0761 files/digest-kvoctrain-3.4.1-r1 208 +MD5 0a69a5cb72c99f0ecc6f31877d6a228d files/digest-kvoctrain-3.4.2-r1 67 diff --git a/kde-base/kvoctrain/files/digest-kvoctrain-3.4.1-r1 b/kde-base/kvoctrain/files/digest-kvoctrain-3.4.1-r1 new file mode 100644 index 000000000000..e56c0fb82557 --- /dev/null +++ b/kde-base/kvoctrain/files/digest-kvoctrain-3.4.1-r1 @@ -0,0 +1,3 @@ +MD5 c2aab0c4f6439abb6c0eb09413b6532c kdeedu-3.4.0.tar.bz2 23559284 +MD5 c79198c40ad9f34a47debbf4548c8363 kdeedu-3.4.0-3.4.1.tar.xdelta 651600 +MD5 9fa1db1cf500c0fc594b0f5d291bbf69 kdeedu-3.4.1.tar.bz2 24009520 diff --git a/kde-base/kvoctrain/files/digest-kvoctrain-3.4.2-r1 b/kde-base/kvoctrain/files/digest-kvoctrain-3.4.2-r1 new file mode 100644 index 000000000000..733395bad924 --- /dev/null +++ b/kde-base/kvoctrain/files/digest-kvoctrain-3.4.2-r1 @@ -0,0 +1 @@ +MD5 e2c5cc083868dd4c35c1b50e04eb40eb kdeedu-3.4.2.tar.bz2 24028133 diff --git a/kde-base/kvoctrain/files/post-3.4.2-kdeedu.diff b/kde-base/kvoctrain/files/post-3.4.2-kdeedu.diff new file mode 100644 index 000000000000..1d75c63bac18 --- /dev/null +++ b/kde-base/kvoctrain/files/post-3.4.2-kdeedu.diff @@ -0,0 +1,63 @@ +Index: kvoctrain/kvoctrain/langen2kvtml +=================================================================== +--- kvoctrain/kvoctrain/langen2kvtml (revision 443975) ++++ kvoctrain/kvoctrain/langen2kvtml (working copy) +@@ -89,6 +89,9 @@ + + require "flush.pl"; + use Getopt::Long; ++use File::Temp qw(tempdir); ++my $tmpdir = tempdir(TEMPDIR => 1, CLEANUP => 1 ); ++ + $/="\r\n"; # we work with dos files + + # +@@ -165,10 +168,6 @@ + $country="GB"; + } + +-# All logging information goes into this file +-$logfile = "/tmp/langen2kvtml.log"; +-open(LOG, ">$logfile") || die "Cannot create $logfile: $!"; +- + &printflush(STDOUT,"Waiting for generating files ...\n"); + $tmp1=$#ARGV+1; + &printflush(STDOUT,"... $tmp1 files given via command line ...\n"); +@@ -178,13 +177,11 @@ + if ($proxy) { + &printflush(STDOUT,"... using proxy service $proxy ...\n"); + } +- `lwp-request $proxy http://www.vokabeln.de/files/Voc-$country.zip >/tmp/Voc-$country.zip`; +- # unzip -u update only! +- # unzip -o overwrite! +- `unzip -u /tmp/Voc-$country.zip >/tmp/unzip.log`; ++ `lwp-request $proxy http://www.vokabeln.de/files/Voc-$country.zip >$tmpdir/Voc-$country.zip`; + &printflush(STDOUT,"... updating Voc-$country.zip ...\n"); + $/="\n"; # we work with a unix file +- open(ZIP,"</tmp/unzip.log"); ++ # unzip -u update only! ++ open(ZIP,"unzip -u $tmpdir/Voc-$country.zip |"); + while(<ZIP>) { + chomp; + if( /voc/ ) { +@@ -194,20 +191,16 @@ + } + } + close(ZIP); +- unlink("/tmp/unzip.log"); + $/="\r\n"; # we work with a dos file + } + + for my $file (@res, @ARGV) { + $vocfile = $file; +- &printflush(LOG,"... generating \"$kvtfile\"...\n"); + $lang = ""; # initially unset + $filestage = 0; # file stage + &process_vocfile($vocfile); + } + print STDERR "...\tAll Complete.\n"; +-&printflush(LOG,"\nAll Complete.\n"); +-close(LOG); + + exit; + diff --git a/kde-base/kvoctrain/kvoctrain-3.4.1-r1.ebuild b/kde-base/kvoctrain/kvoctrain-3.4.1-r1.ebuild new file mode 100644 index 000000000000..532c8abac4c9 --- /dev/null +++ b/kde-base/kvoctrain/kvoctrain-3.4.1-r1.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/kde-base/kvoctrain/kvoctrain-3.4.1-r1.ebuild,v 1.1 2005/08/14 23:28:24 carlo Exp $ +KMNAME=kdeedu +MAXKDEVER=$PV +KM_DEPRANGE="$PV $MAXKDEVER" +inherit kde-meta + +DESCRIPTION="KDE Educational: vocabulary trainer" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc x86" +IUSE="" +DEPEND="" + +PATCHES="${FILESDIR}/post-3.4.2-kdeedu.diff"
\ No newline at end of file diff --git a/kde-base/kvoctrain/kvoctrain-3.4.2-r1.ebuild b/kde-base/kvoctrain/kvoctrain-3.4.2-r1.ebuild new file mode 100644 index 000000000000..886176c3ba84 --- /dev/null +++ b/kde-base/kvoctrain/kvoctrain-3.4.2-r1.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/kde-base/kvoctrain/kvoctrain-3.4.2-r1.ebuild,v 1.1 2005/08/14 23:28:24 carlo Exp $ +KMNAME=kdeedu +MAXKDEVER=$PV +KM_DEPRANGE="$PV $MAXKDEVER" +inherit kde-meta + +DESCRIPTION="KDE Educational: vocabulary trainer" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="" +DEPEND="" + +PATCHES="${FILESDIR}/post-3.4.2-kdeedu.diff"
\ No newline at end of file |