diff options
| author | Romain Francoise <romain@orebokech.com> | 2008-04-18 18:27:25 +0000 |
|---|---|---|
| committer | Romain Francoise <romain@orebokech.com> | 2008-04-18 18:27:25 +0000 |
| commit | 3f6a8750b625a82309d546f50075d1cd5d9654bd (patch) | |
| tree | 2230be79b6c73ebecd84c40b6fddeb2867f6dd99 /lib-src | |
| parent | 032dd9c4e6d861ba40569b6a04daa9c7be690a91 (diff) | |
| download | emacs-3f6a8750b625a82309d546f50075d1cd5d9654bd.tar.gz | |
2008-04-18 Steve Grubb <sgrubb@redhat.com> (tiny change)
* vcdiff: Use mktemp (CVE-2008-1694).
Diffstat (limited to 'lib-src')
| -rw-r--r-- | lib-src/ChangeLog | 4 | ||||
| -rwxr-xr-x | lib-src/vcdiff | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog index 2ed5830d550..63cc416cad7 100644 --- a/lib-src/ChangeLog +++ b/lib-src/ChangeLog @@ -1,3 +1,7 @@ +2008-04-18 Steve Grubb <sgrubb@redhat.com> (tiny change) + + * vcdiff: Use mktemp (CVE-2008-1694). + 2008-04-10 Jason Rumney <jasonr@gnu.org> * makefile.w32-in (CLIENTRES): New variable and target. diff --git a/lib-src/vcdiff b/lib-src/vcdiff index 86b80bcdacd..cb977709db0 100755 --- a/lib-src/vcdiff +++ b/lib-src/vcdiff @@ -84,14 +84,14 @@ do case $f in s.* | */s.*) if - rev1=/tmp/geta$$ + rev1=`mktemp /tmp/geta.XXXXXXXX` get -s -p -k $sid1 "$f" > $rev1 && case $sid2 in '') workfile=`expr " /$f" : '.*/s.\(.*\)'` ;; *) - rev2=/tmp/getb$$ + rev2=`mktemp /tmp/getb.XXXXXXXX` get -s -p -k $sid2 "$f" > $rev2 workfile=$rev2 esac |