[Python-modules-commits] r10771 - in packages/python-docutils/branches/0.5-2/debian (3 files)

Sun Dec 13 22:35:39 UTC 2009

Date: Sunday, December 13, 2009 @ 22:35:38
  Author: jwilk-guest
Revision: 10771

Backport fix for #560755 to lenny.

Added:
  packages/python-docutils/branches/0.5-2/debian/patches/18_emacs_temporary_files.dpatch
Modified:
  packages/python-docutils/branches/0.5-2/debian/changelog
  packages/python-docutils/branches/0.5-2/debian/patches/00list

Modified: packages/python-docutils/branches/0.5-2/debian/changelog
===================================================================

--- packages/python-docutils/branches/0.5-2/debian/changelog	2009-12-13 21:40:08 UTC (rev 10770)
+++ packages/python-docutils/branches/0.5-2/debian/changelog	2009-12-13 22:35:38 UTC (rev 10771)
@@ -1,3 +1,11 @@
+python-docutils (0.5-2+lenny1) UNRELEASED; urgency=high
+
+  * Fix insecure use of temporary files in the Emacs major mode for
+    reStructuredText (closes: #560755). Thanks to Kumar Appaiah for helping to
+    deal with this bug.
+
+ -- Jakub Wilk <ubanus at users.sf.net>  Sun, 13 Dec 2009 23:19:10 +0100
+
 python-docutils (0.5-2) unstable; urgency=low
 
   * Upload docutils 0.5 to unstable

Modified: packages/python-docutils/branches/0.5-2/debian/patches/00list
===================================================================
--- packages/python-docutils/branches/0.5-2/debian/patches/00list	2009-12-13 21:40:08 UTC (rev 10770)
+++ packages/python-docutils/branches/0.5-2/debian/patches/00list	2009-12-13 22:35:38 UTC (rev 10771)
@@ -5,3 +5,4 @@
 15_emacs_debian_paths.dpatch
 16_disable_picins.dpatch
 17_speed_up_rst_el.dpatch
+18_emacs_temporary_files.dpatch

Added: packages/python-docutils/branches/0.5-2/debian/patches/18_emacs_temporary_files.dpatch
===================================================================
--- packages/python-docutils/branches/0.5-2/debian/patches/18_emacs_temporary_files.dpatch	                        (rev 0)
+++ packages/python-docutils/branches/0.5-2/debian/patches/18_emacs_temporary_files.dpatch	2009-12-13 22:35:38 UTC (rev 10771)
@@ -0,0 +1,60 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 18_emacs_temporary_files.dpatch by Jakub Wilk <ubanus at users.sf.net>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix insecure use of temporary files
+
+ at DPATCH@
+
+Description: Fix insecure use of temporary files
+ in the Emacs major mode for reStructuredText (rst.el).
+Author: Jakub Wilk <ubanus at users.sf.net>
+Bug-Debian: http://bugs.debian.org/560755
+Last-Update: 2009-12-13
+
+diff --git a/tools/editors/emacs/rst.el b/tools/editors/emacs/rst.el
+--- a/tools/editors/emacs/rst.el
++++ b/tools/editors/emacs/rst.el
+@@ -3273,13 +3273,32 @@
+      "rst2pseudoxml"
+      standard-output)))
+ 
++(defvar rst-temp-dir nil)
++(make-variable-buffer-local 'rst-temp-dir)
++
++(defun rst-get-temp-dir ()
++  (or rst-temp-dir
++    (setq rst-temp-dir 
++      (file-name-as-directory (make-temp-file "rst-" t))
++    )
++  )
++)
++
++(defun rst-remove-temp-dir ()
++  (require 'dired)
++  (if rst-temp-dir (dired-delete-file rst-temp-dir 'always))
++)
++
++(add-hook 'kill-buffer-hook 'rst-remove-temp-dir)
++(add-hook 'kill-emacs-hook 'rst-remove-temp-dir)
++
+ (defvar rst-pdf-program "xpdf"
+   "Program used to preview PDF files.")
+ 
+ (defun rst-compile-pdf-preview ()
+   "Convert the document to a PDF file and launch a preview program."
+   (interactive)
+-  (let* ((tmp-filename "/tmp/out.pdf")
++  (let* ((tmp-filename (concat (rst-get-temp-dir) "out.pdf"))
+ 	 (command (format "rst2pdf.py %s %s && %s %s"
+ 			  buffer-file-name tmp-filename
+ 			  rst-pdf-program tmp-filename)))
+@@ -3294,7 +3313,7 @@
+ (defun rst-compile-slides-preview ()
+   "Convert the document to an S5 slide presentation and launch a preview program."
+   (interactive)
+-  (let* ((tmp-filename "/tmp/slides.html")
++  (let* ((tmp-filename (concat (rst-get-temp-dir) "slides.html"))
+ 	 (command (format "rst2s5 %s %s && %s %s"
+ 			  buffer-file-name tmp-filename
+ 			  rst-slides-program tmp-filename)))


