blob: cb6cc79af0652be5c1c1d54aeb7eb41c80ec0394 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
From 5dd262d2db90dc44097131fb8f160772aed407ad Mon Sep 17 00:00:00 2001
From: Mikle Kolyada <zlogene@gentoo.org>
Date: Sun, 2 Jun 2019 14:50:27 +0300
Subject: [PATCH 6/6] latex2man: use predictable tmp
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668779
https://github.com/debian-tex/texlive-nonbin/commit/714dc72c87b917834570d32dee7231008df98832
https://bugs.gentoo.org/show_bug.cgi?id=432144
CVE-2012-2120 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2120)
---
texk/texlive/linked_scripts/latex2man/latex2man | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/texk/texlive/linked_scripts/latex2man/latex2man b/texk/texlive/linked_scripts/latex2man/latex2man
index e117d337..285c19fd 100755
--- a/texk/texlive/linked_scripts/latex2man/latex2man
+++ b/texk/texlive/linked_scripts/latex2man/latex2man
@@ -31,8 +31,6 @@ sub date2str;
$VERSION = "1.29";
$DATE = date2str ('$Date: 2018/11/25 13:05:37 $' =~ m|(\d+/\d+/\d+)|);
-$tmp = "/tmp/$CMD.$$";
-
##################################################################
# check option and arguments
##################################################################
@@ -2018,6 +2016,8 @@ if ($opt_t) {
open (my $SRC, "<$SrcFile") || die "$CMD: Can't open file \`$SrcFile' for reading.\n";
if ($opt_H || $opt_T) {
# DestFile will be written in the postprocess
+ $tmp = `mktemp` || die;
+ chomp $tmp;
open (DEST, ">$tmp") || die "$CMD: Can't open file \`$tmp' for writing.\n";
} else {
open (DEST, ">$DestFile") || die "$CMD: Can't open file \`$DestFile' for writing.\n";
--
2.21.0
|
GitWeb
