[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: many scripts fail if /tmp/tempfile.$$ exists -> local DOS vulnerability

On Fri, 5 Sep 2003, Andreas Metzler wrote:

> Another question: tempfile(1) says:
> | Debian packages using tempfile in maintainer scripts must depend on
> | debianutils >= 1.6.
>
> tempfile 1.6 was released april 1997, i.e. it was probably included in
> Bo, or it for sure in Hamm. Shouldn't this sentence be removed, we
> don't support upgrades from Bo or Hamm to potato anyway.

What we "support" or we "don't support" regarding upgrades is not very
clear yet. It changes from developer to developer.

I believe supporting upgrades which skip one release (for example,
from oldstable to testing) should be a must, but unfortunately this is
not written anywhere.
Reply to: