freeze exception for proposed ncbi-tools6 upload?
Greetings, and happy holidays!
I am considering issuing a last-minute lenny-targeted upload of
ncbi-tools6 (via unstable, as I've kept potentially disruptive changes
to experimental) addressing two problems unearthed by archive-wide
scans: insecure temporary file usage (in an example script, assigned
CVE-2008-5149 but not reported in the BTS, and already fixed in
experimental) and undefined sprintf usage. The source changes would
be as follows:
Index: doc/fwd_check.sh
===================================================================
--- doc/fwd_check.sh (revision 363)
+++ doc/fwd_check.sh (working copy)
@@ -53,16 +53,17 @@
continue
fi
test "$x_status" = "READYING" && unset x_status
- ( echo ; sleep $delay_sec ) | telnet $x_host $x_port >/tmp/$$ 2>&1 &
+ tmpfile=`mktemp`
+ ( echo ; sleep $delay_sec ) | telnet $x_host $x_port >$tmpfile 2>&1 &
pid=$!
- trap 'rm -f /tmp/$$; kill $pid >/dev/null 2>&1' 1 2 15
+ trap 'rm -f $tmpfile; kill $pid >/dev/null 2>&1' 1 2 15
( sleep `expr $delay_sec + 2` && kill $pid ) >/dev/null 2>&1 &
guard=$!
wait $pid >/dev/null 2>&1
kill $guard >/dev/null 2>&1
test -n "$HTTP_CAF_EXTERNAL" || \
- cp="`tail +4 /tmp/$$ 2>/dev/null | grep -s '^[0-9]\{1,3\}[.][0-9]\{1,3\}[.][0-9]\{1,3\}[.][0-9]\{1,3\}:[0-9]\{1,5\}'`"
- grep -qs 'NCBI Firewall Daemon: Invalid ticket\. *Connection closed\.' /tmp/$$ >/dev/null 2>&1
+ cp="`tail +4 $tmpfile 2>/dev/null | grep -s '^[0-9]\{1,3\}[.][0-9]\{1,3\}[.][0-9]\{1,3\}[.][0-9]\{1,3\}:[0-9]\{1,5\}'`"
+ grep -qs 'NCBI Firewall Daemon: Invalid ticket\. *Connection closed\.' $tmpfile >/dev/null 2>&1
if [ $? -eq 0 ]; then
echo "${x_host}:${x_port} ${x_status:-OKAY}${cp:+ }${cp}"
elif [ -z "$x_status" ]; then
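Review bot: the new `tmpfile=\`mktemp\`` line does not check for failure, and `$tmpfile` is used unquoted in the redirect, the trap and the `tail`/`grep` lines that follow. If `mktemp` fails (or, on older non-GNU implementations that require a template argument, refuses to run without one), `$tmpfile` is empty and `>$tmpfile` becomes a redirect to nothing, so the secure-temp-file fix silently degrades. Suggest `tmpfile=$(mktemp) || exit 1` (or `mktemp /tmp/fwd_check.XXXXXX` for portability to implementations that need a template) and quoting every use as `"$tmpfile"`, including inside the trap string, which is single-quoted and therefore expanded only when the signal arrives.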
@@ -70,5 +71,5 @@
else
echo "${x_host}:${x_port} FAILED ( telnet $x_host $x_port )"
fi
- rm -f /tmp/$$
+ rm -f $tmpfile
done 2>&1 | grep -v 'Terminated'
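Review bot: `rm -f $tmpfile` should be `rm -f "$tmpfile"` for consistency with the quoted-variable fix above; and since the trap installed in the previous hunk keeps referring to `$tmpfile` after this `rm`, consider resetting it (`trap - 1 2 15`) after the cleanup, otherwise a later signal in the same iteration re-runs `rm -f` and `kill` on an already-finished pid.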
Index: api/aliread.c
===================================================================
--- api/aliread.c (revision 363)
+++ api/aliread.c (working copy)
@@ -314,8 +314,7 @@
seqLinePtr = (SeqLineInfoPtr) rowPtr->data.ptrvalue;
if (seqLinePtr->junk != NULL)
- sprintf(seqLinePtr->sequence,"%s%s",seqLinePtr->sequence,
- seqLinePtr->junk);
+ strcat(seqLinePtr->sequence, seqLinePtr->junk);
if ((seqLinePtr->sequence != NULL) && (seqLinePtr->id == NULL))
{
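Review bot: replacing the self-referential `sprintf` with `strcat` removes the undefined overlap, but `strcat` still appends with no bound, so the change only narrows the problem if `seqLinePtr->sequence` is known to have room for `junk` plus the terminator; the hunk does not show that guarantee, so either document the buffer sizing at this call site or use a length-checked append with the real buffer size. Note also that the line immediately after the `strcat` tests `seqLinePtr->sequence != NULL`, which implies `sequence` may be NULL here; if so, `strcat` dereferences it before that check runs (the old `sprintf` had the same ordering), so the NULL test should move ahead of the concatenation.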
Would you grant a freeze exception for such an upload, or is it too
late?
--
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
Finger amu@monk.mit.edu (NOT a valid e-mail address) for more info.