Bug#344029: Patch to fix this security bug
Don Armstrong
don at donarmstrong.com
Wed Jan 4 11:27:48 UTC 2006
tag 344029 patch
thanks
Attached is the patch for the NMU that I am preparing; I will upload
it to a delay queue sometime tomorrow (assuming it checks out once
I've had more sleep).
Don Armstrong
--
"A one-question geek test. If you get the joke, you're a geek: Seen on
a California license plate on a VW Beetle: 'FEATURE'..."
-- Joshua D. Wachs - Natural Intelligence, Inc.
http://www.donarmstrong.com http://rzlab.ucr.edu
-------------- next part --------------
diff -u libmail-audit-perl-2.1/Audit.pm libmail-audit-perl-2.1/Audit.pm
--- libmail-audit-perl-2.1/Audit.pm
+++ libmail-audit-perl-2.1/Audit.pm
@@ -4,7 +4,13 @@
my $logging;
my $loglevel=3;
-my $logfile = "/tmp/".getpwuid($>)."-audit.log";
+my $logfile;
+if (exists $ENV{HOME} and defined $ENV{HOME} and -d $ENV{HOME}) {
+ $logfile = "$ENV{HOME}/.mail_audit.log"
+}
+else {
+ (undef,$logfile) = tempfile("mail_audit.log-XXXXX",TMPDIR=>1);
+}
# ----------------------------------------------------------
# no user-modifiable parts below this line.
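Review bot: The `tempfile()` fallback on the `else` branch runs at module load, so a log file is created in the temp directory on every load even when logging is disabled, and its randomized name is not reported anywhere the user would look for it; creating the file lazily at the first log write (where `$logging` is actually consulted, outside this hunk) would avoid both. The condition `exists $ENV{HOME} and defined $ENV{HOME}` is redundant since `defined` implies `exists`, and a `-w` test would let an unwritable home directory fall through to the safe fallback instead of failing later on open: `if (defined $ENV{HOME} and -d $ENV{HOME} and -w $ENV{HOME}) {`. The filehandle returned by `tempfile()` is discarded here, so later writes presumably reopen the file by its `$logfile` name; that is acceptable only because the file was created with a random name and O_EXCL, which is what removes the predictable-name attack from the original line. The `use File::Temp qw(tempfile)` import this call depends on is added about twenty lines further down in the next hunk; it works because `use` takes effect at compile time, but placing it ahead of the first call keeps the dependency visible where it is used.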
@@ -18,6 +24,7 @@
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK $ASSUME_MSGPREFIX);
# @ISA will depend on whether the message is MIME; if it is, we'll be MIME::Entity. if not, we'll be Mail::Internet.
use Fcntl ':flock';
+use File::Temp qw(tempfile);
$ASSUME_MSGPREFIX = 0;
diff -u libmail-audit-perl-2.1/debian/changelog libmail-audit-perl-2.1/debian/changelog
--- libmail-audit-perl-2.1/debian/changelog
+++ libmail-audit-perl-2.1/debian/changelog
@@ -1,3 +1,13 @@
+libmail-audit-perl (2.1-5.1) unstable; urgency=high
+
+ * NMU
+ * [SECURITY] Fix insecure tempfile creation with trivially guessable
+ filename (Closes: #344029)
+ * [SECURITY] Fix analogous insecure tempdir creation with trivially
+ guessable directory name
+
+ -- Don Armstrong <don at debian.org> Wed, 4 Jan 2006 01:51:30 -0800
+
libmail-audit-perl (2.1-5) unstable; urgency=low
* Add missing dependency on libmail-listdetector-perl (Closes: #29364)
only in patch2:
unchanged:
--- libmail-audit-perl-2.1.orig/Audit/MimeEntity.pm
+++ libmail-audit-perl-2.1/Audit/MimeEntity.pm
@@ -4,6 +4,7 @@
use strict;
use File::Path;
+use File::Temp qw(tempdir)
use MIME::Parser;
use MIME::Entity;
use Mail::Audit::MailInternet;
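Review bot: The added `use File::Temp qw(tempdir)` line is missing its terminating semicolon, so the following `use MIME::Parser;` is parsed as part of the same statement and the module fails to compile; it should read `use File::Temp qw(tempdir);`. The sibling change in Audit.pm (`use File::Temp qw(tempfile);`) has the semicolon, so this looks like a typo rather than intent.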
@@ -12,10 +13,12 @@
$VERSION = '2.0';
-$MIME_PARSER_TMPDIR = "/tmp/".getpwuid($>)."-mailaudit";
-
my $parser = MIME::Parser->new();
+# Create a tempdir using File::Temp::tempdir, have it be destroyed at
+# END{} time.
+$MIME_PARSER_TMPDIR = tempdir(CLEANUP => 1);
+
my @to_rmdir;
sub autotype_new {
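Review bot: `tempdir(CLEANUP => 1)` is now executed at module load, so every process that loads Mail::Audit::MimeEntity creates (and at exit removes) a directory in the system tmpdir even if it never parses a MIME message; the old `mkdir` in `autotype_new` (removed in the next hunk) shows the directory is only needed there, so creating it lazily at that point, e.g. `$MIME_PARSER_TMPDIR = tempdir(CLEANUP => 1) unless defined $MIME_PARSER_TMPDIR;`, keeps module load free of filesystem side effects and respects a value a caller has already set. `tempdir()` croaks when it cannot create the directory, whereas the removed code fell back to a shared `/tmp`; failing closed is the right choice for this fix, but the comment should record it, e.g. `# tempdir() dies if it cannot create a private directory; there is deliberately no fallback to a shared /tmp.`. With CLEANUP handling removal, the `@to_rmdir` bookkeeping on the following line may now be redundant — worth checking where it is consumed, which is outside this hunk.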
@@ -23,8 +26,6 @@
my $mailinternet = shift;
$parser->ignore_errors(1);
- mkdir ($MIME_PARSER_TMPDIR, 0777);
- if (! -d $MIME_PARSER_TMPDIR) { $MIME_PARSER_TMPDIR = "/tmp" }
$parser->output_under($MIME_PARSER_TMPDIR);
# todo: add eval error trapping. if there's a problem, return Mail::Audit::MailInternet as a fallback.