Bug#685527: unblock: packagekit/0.7.6-1
Thank you for the kind help :-)
And regarding your question: I have very little experience in Perl and
all my Perl folks were busy that time when I did the change. I'll do
it the smarter way in PK 0.8.x series (not for Wheezy ;-P)
Thanks again for the hint!
Regards,
Matthias
2012/9/25 Julien Cristau <jcristau@debian.org>:
> On Mon, Sep 3, 2012 at 15:46:10 +0200, Matthias Klumpp wrote:
>
>> aptcc: Don't use tempfile with fixed name for conffiles:
>> Resolves security issue in Debian, tracked as RC bug #678189
>> See http://gitorious.org/packagekit/packagekit/commit/e6e33f54dcc9b0058134e0d2584c2ee110ca0340
>>
> It's a bit weird to see
> +(undef, $template_fname) = tempfile('/tmp/pkconffileXXXXXX', SUFFIX => '.template');
> followed by
> +open (TEMPLATE, ">$template_fname");
>
> Why not use the filehandle returned by tempfile?
>
> Anyway, unblocked the current version, sorry for the delay and thanks a
> lot for breaking down the changes.
>
> Cheers,
> Julien
Reply to: