diff options
Diffstat (limited to 'emacs/23.4/16_all_gnus-fun-tmpfile.patch')
| -rw-r--r-- | emacs/23.4/16_all_gnus-fun-tmpfile.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/emacs/23.4/16_all_gnus-fun-tmpfile.patch b/emacs/23.4/16_all_gnus-fun-tmpfile.patch deleted file mode 100644 index 18adf49..0000000 --- a/emacs/23.4/16_all_gnus-fun-tmpfile.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix insecure use of temporary files. -Patch from upstream bzr, backported to Emacs 23.4. -https://bugs.gentoo.org/509830 -CVE-2014-3421 - -revno: 117066 -fixes bug: http://bugs.debian.org/747100 -committer: Glenn Morris <rgm@gnu.org> -branch nick: emacs-24 -timestamp: Mon 2014-05-05 20:50:51 -0700 -message: - * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name. - ---- emacs-23.4-orig/lisp/gnus/gnus-fun.el -+++ emacs-23.4/lisp/gnus/gnus-fun.el -@@ -260,20 +260,21 @@ - (interactive) - (shell-command "xawtv-remote snap ppm") - (let ((file nil) -+ (tempfile (make-temp-file "gnus-face-" nil ".ppm")) - result) - (while (null (setq file (directory-files "/tftpboot/sparky/tmp" - t "snap.*ppm"))) - (sleep-for 1)) - (setq file (car file)) - (shell-command -- (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale -width 48 -height 48 | ppmtopgm > /tmp/gnus.face.ppm" -- file)) -+ (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale -width 48 -height 48 | ppmtopgm >> %s" -+ file tempfile)) - (let ((gnus-convert-image-to-face-command - (format "cat '%%s' | ppmquant %%d | ppmchange %s | pnmtopng" - (gnus-fun-ppm-change-string)))) -- (setq result (gnus-face-from-file "/tmp/gnus.face.ppm"))) -+ (setq result (gnus-face-from-file tempfile))) - (delete-file file) -- ;;(delete-file "/tmp/gnus.face.ppm") -+ ;;(delete-file tempfile) ; FIXME why are we not deleting it?! - result)) - - (defun gnus-fun-ppm-change-string () |