Bug#637404: opu: aptitude: diff for NMU version 0.4.11.11-1~lenny2

To: submit@bugs.debian.org
Subject: Bug#637404: opu: aptitude: diff for NMU version 0.4.11.11-1~lenny2
From: Jonathan Wiltshire <jmw@debian.org>
Date: Thu, 11 Aug 2011 00:41:01 +0100
Message-id: <[🔎] 20110810234101.GA28878@lupin.home.powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 637404@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: opu

RT: please consider the attached patch for aptitude in Lenny, to fix a
security bug.

Maintainer: this is notice of an intent to NMU as attached.

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

diff -u aptitude-0.4.11.11/debian/changelog aptitude-0.4.11.11/debian/changelog
--- aptitude-0.4.11.11/debian/changelog
+++ aptitude-0.4.11.11/debian/changelog
@@ -1,3 +1,13 @@
+aptitude (0.4.11.11-1~lenny2) oldstable; urgency=low
+
+  * Non-maintainer upload.
+  * Backport of 0009-fix-symlink-attack:
+    Fix a potential symlink attack that could occur if a user
+    with no home directory edited and saved the package hierarchy
+    definitions. (Closes: #612034)
+
+ -- Jonathan Wiltshire <jmw@debian.org>  Wed, 10 Aug 2011 23:30:04 +0100
+
 aptitude (0.4.11.11-1~lenny1) testing-proposed-updates; urgency=low
 
   * Upload to testing-proposed-updates.
only in patch2:
unchanged:
--- aptitude-0.4.11.11.orig/src/edit_pkg_hier.cc
+++ aptitude-0.4.11.11/src/edit_pkg_hier.cc
@@ -1,6 +1,6 @@
 // edit_pkg_hier.cc
 //
-//   Copyright (C) 2000-2001, 2004-2006 Daniel Burrows
+//   Copyright (C) 2000-2001, 2004-2006, 2011 Daniel Burrows
 //
 //   This program is free software; you can redistribute it and/or
 //   modify it under the terms of the GNU General Public License as
@@ -332,18 +332,20 @@
   if(cw::config::global_bindings.key_matches(k, "SaveHier"))
     {
       string homedir = get_homedir();
-      string cfgfile;
 
       if(homedir.empty())
 	{
-	  show_message(_("Unable to look up your home directory, saving to /tmp/function_pkgs!"),
+          // This normally will not happen.  Don't default to a fixed
+          // filename to prevent symlink attacks. (Debian bug #612034)
+	  show_message(_("Unable to look up your home directory!"),
 		       NULL,
 		       cw::get_style("Error"));
-	  cfgfile = "/tmp/function_pkgs";
 	}
       else
-	cfgfile = homedir + "/.aptitude/function_pkgs";
-      save_hier(cfgfile);
+        {
+          string cfgfile = homedir + "/.aptitude/function_pkgs";
+          save_hier(cfgfile);
+        }
     }
   else if(cw::config::global_bindings.key_matches(k, "Quit"))
     {

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Bug#637404: opu: aptitude: diff for NMU version 0.4.11.11-1~lenny2
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#637384: pu: package lintian/2.4.3+squeeze1
Next by Date: Bug#637405: pu: aptitude: diff for NMU version 0.6.3-3.2+squeeze1
Previous by thread: Re: Bug#637384: pu: package lintian/2.4.3+squeeze1
Next by thread: Bug#637404: opu: aptitude: diff for NMU version 0.4.11.11-1~lenny2
Index(es):
- Date
- Thread