
Bug#1029913: Fwd: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability



Siep Kroonenberg wrote:

> The problem was that the test was specifically for a file rather
> than for any filesystem item.
> 
> In the updated TL package, the test has been removed altogether
> since there was already a later test for successful generation of a
> temp subdirectory.
> 
> The updated package is now available as both a CTAN package and a TL
> package.

I tried it, and it fixes the problem as I reported.

Of course, chdir into /tmp is a bit risky as any file creation
before the next chdir would be susceptible to the same problem, but
I assume you made sure this won't happen.

BTW, when I looked at the changes made, I noticed this:

      io.stdout:write('cannot cd into '..d..'\n')

I don't know much about Lua conventions, but normally I'd expect
such messages to be written to stderr, not stdout.
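
The check discussed in this thread, as an added example that is not part of the original message and is not epspdf's code: a file-only existence test compared with relying on the result of creating the directory. It assumes LuaFileSystem (`lfs`, built into texlua); `looks_free`, `make_private_dir` and `fail` are hypothetical names, and the scenario is constructed.

```lua
-- Added example, not epspdf code. Assumes LuaFileSystem (built into texlua).
local lfs = lfs or require("lfs")

-- File-only test (the kind of check the thread describes): a directory,
-- FIFO or dangling symlink under the same name is reported as "free".
local function looks_free(path)
  return lfs.attributes(path, "mode") ~= "file"
end

-- No pre-check: mkdir fails atomically if any filesystem item already has
-- the name, so success means this process created the directory.
-- lfs.mkdir has no mode parameter; permissions depend on the umask.
local function make_private_dir(parent, prefix, tries)
  local err
  for _ = 1, tries or 20 do
    local path = string.format("%s/%s.%08x", parent, prefix,
                               math.random(0, 0x7fffffff))
    local ok
    ok, err = lfs.mkdir(path)
    if ok then return path end
  end
  return nil, err
end

local function fail(msg)
  io.stderr:write(msg, "\n")   -- diagnostics go to stderr, not stdout
  os.exit(1)
end

math.randomseed(os.time())
local base, err = make_private_dir(os.getenv("TMPDIR") or "/tmp", "demo")
if not base then fail("cannot create temp directory: " .. tostring(err)) end

-- Constructed scenario: a directory already occupies the wanted name.
local taken = base .. "/work"
assert(lfs.mkdir(taken))
print("file-only test says free:", looks_free(taken))
print("mkdir on same name:", lfs.mkdir(taken))

-- Change into the directory we created ourselves, not into shared /tmp.
if not lfs.chdir(base) then fail("cannot cd into " .. base) end
lfs.chdir("/")   -- leave before cleanup
lfs.rmdir(taken); lfs.rmdir(base)
```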

