summaryrefslogtreecommitdiff
path: root/dev-perl/Clipboard/files
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /dev-perl/Clipboard/files
reinit the tree, so we can have metadata
Diffstat (limited to 'dev-perl/Clipboard/files')
-rw-r--r--dev-perl/Clipboard/files/Clipboard-0.130.0-insecure-tempfile.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/dev-perl/Clipboard/files/Clipboard-0.130.0-insecure-tempfile.patch b/dev-perl/Clipboard/files/Clipboard-0.130.0-insecure-tempfile.patch
new file mode 100644
index 000000000000..1fd452c61481
--- /dev/null
+++ b/dev-perl/Clipboard/files/Clipboard-0.130.0-insecure-tempfile.patch
@@ -0,0 +1,23 @@
+Description: Fix insecure use of temporary files.
+ This is CVE-2014-5509.
+Origin: vendor
+Bug: https://rt.cpan.org/Public/Bug/Display.html?id=98435
+Forwarded: https://rt.cpan.org/Public/Bug/Display.html?id=98435
+Author: gregor herrmann <gregoa@debian.org>
+Last-Update: 2016-08-13
+
+--- a/scripts/clipedit
++++ b/scripts/clipedit
+@@ -1,10 +1,11 @@
+ #!/usr/bin/perl
+ use strict;
+ use Clipboard;
++use File::Temp qw( tempfile );
+
+ my $orig = Clipboard->paste;
+
+-my $tmpfilename = "/tmp/clipedit$$";
++my ($tmpfile, $tmpfilename) = tempfile();
+ open my $tmpfile, ">$tmpfilename" or die "Failure to open $tmpfilename: $!";
+ print $tmpfile $orig;
+ close $tmpfile;
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 14:14:49 +0000