notfound 623378 0.5.6.pl00-2 reassign 623378 libburn found 623378 0.8.0.pl00-2 fixed 1.0.4.pl00-1 tags 623378 + patch thanks The patch Thomas Schmitt referred to from here: http://libburnia-project.org/changeset/3537/libburn/trunk is attached below in debdiff form (applies cleanly to 0.8.0.pl00-2), and resolves the permissions of test.iso from the simple use case: rm -f test.iso umask 022 mkdir test touch test/test xorriso -as mkisofs test -o test.iso I propose this patch for the next stable release to resolve #623378. If that's OK, please let me know and i'll upload to proposed-updates. Regards, --dkg
diff -u libburn-0.8.0.pl00/debian/changelog libburn-0.8.0.pl00/debian/changelog
--- libburn-0.8.0.pl00/debian/changelog
+++ libburn-0.8.0.pl00/debian/changelog
@@ -1,3 +1,10 @@
+libburn (0.8.0.pl00-2+squeeze1) stable; urgency=low
+
+ * Do not create images with overly-restrictive permissions
+ (Closes: #623378)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 19 Apr 2011 21:19:16 -0400
+
libburn (0.8.0.pl00-2) unstable; urgency=low
* Do not install gifs in the doc package, since newer doxygen
only in patch2:
unchanged:
--- libburn-0.8.0.pl00.orig/libburn/write.c
+++ libburn-0.8.0.pl00/libburn/write.c
@@ -2014,7 +2014,8 @@
int sector_size, int flag)
{
-/* <<< We need _LARGEFILE64_SOURCE defined by the build system.
+/* We normally need _LARGEFILE64_SOURCE defined by the build system.
+ Nevertheless the system might use large address integers by default.
*/
#ifndef O_LARGEFILE
#define O_LARGEFILE 0
@@ -2030,7 +2031,8 @@
if (fd >= 0)
fd = dup(fd); /* check validity and make closeable */
else
- fd = open(d->devname, mode, S_IRUSR | S_IWUSR);
+ fd = open(d->devname, mode,
+ S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
if (fd == -1) {
libdax_msgs_submit(libdax_messenger, d->global_index,
0x00020005,
Attachment:
signature.asc
Description: OpenPGP digital signature