Debian Patches

Status for otf2bdf/3.1-5

Patch: 0001-Fix-unsafe-tmp-handling.patch
Description: Fix unsafe /tmp handling

otf2bdf opened a file in /tmp with a predictable name and without taking
any precautions to ensure that it didn't already exist. This meant that
it was trivial for a user other than the one running otf2bdf to cause
trouble by creating those files ahead of time. This doesn't seem to be
usefully exploitable on a default Debian system, though.

This commit fixes the problem by using the tmpfile() function instead,
which also has the benefit of somewhat simplifying the code, since
there's no need to clean up the temporary file afterwards.

Author: Ben Harris <bjh21@bjh21.me.uk>
Forwarded: no
Origin: debian
Last update: 2024-10-30

Patch: args.patch
Forwarded: no

Patch: freetype2.patch
Forwarded: no

Patch: mkinstalldirs.patch
Forwarded: no