Julien Danjou
2008-Aug-25 08:39 UTC
[Pkg-xen-changes] r605 - in trunk/xen-3/debian: . patches
Author: acid Date: Mon Aug 25 08:39:56 2008 New Revision: 605 Log: Prevent symlink attack from qemu-dm.debug script and fix arch recognition (Closes: #496367) Added: trunk/xen-3/debian/patches/tools-ioemu-dm.diff (contents, props changed) Modified: trunk/xen-3/debian/changelog trunk/xen-3/debian/patches/series Modified: trunk/xen-3/debian/changelog =============================================================================--- trunk/xen-3/debian/changelog (original) +++ trunk/xen-3/debian/changelog Mon Aug 25 08:39:56 2008 @@ -1,3 +1,10 @@ +xen-3 (3.2.1-3) UNRELEASED; urgency=low + + * Prevent symlink attack from qemu-dm.debug script and fix arch + recognition (Closes: #496367) + + -- Julien Danjou <acid at debian.org> Mon, 25 Aug 2008 10:01:29 +0200 + xen-3 (3.2.1-2) unstable; urgency=low * Use e2fslibs based ext2 support for pygrub. (closes: #476366) Modified: trunk/xen-3/debian/patches/series =============================================================================--- trunk/xen-3/debian/patches/series (original) +++ trunk/xen-3/debian/patches/series Mon Aug 25 08:39:56 2008 @@ -16,3 +16,4 @@ tools-misc-xend-race.diff doc-remove-unused.diff tools-blktap-crypto.patch +tools-ioemu-dm.diff Added: trunk/xen-3/debian/patches/tools-ioemu-dm.diff =============================================================================--- (empty file) +++ trunk/xen-3/debian/patches/tools-ioemu-dm.diff Mon Aug 25 08:39:56 2008 @@ -0,0 +1,18 @@ +diff -Nur xen-3-3.2.1/tools/ioemu/target-i386-dm/qemu-dm.debug xen-3/tools/ioemu/target-i386-dm/qemu-dm.debug +--- xen-3-3.2.1/tools/ioemu/target-i386-dm/qemu-dm.debug 2008-05-12 13:01:56.000000000 +0200 ++++ xen-3/tools/ioemu/target-i386-dm/qemu-dm.debug 2008-08-25 10:31:15.000000000 +0200 +@@ -1,10 +1,11 @@ + #!/bin/sh + +-if [ "`arch`" = "x86_64" ]; then ++if [ "`uname -m`" = "x86_64" ]; then + LIBDIR="lib64" + else + LIBDIR="lib" + fi +-echo $* > /tmp/args +-echo $DISPLAY >> /tmp/args ++TMPFILE=`mktemp` ++echo $* > $TMPFILE ++echo $DISPLAY >> $TMPFILE + exec /usr/$LIBDIR/xen/bin/qemu-dm $*