* [e2232fc] Backport patch to fix CVE-2009-5023: Insecure creation of tempfile (Closes: #544232)

2012-02-16 10:21:26 -05:00 · 2012-02-16 10:21:26 -05:00 · 5dcfc588f0
parent 95a28f3c65
commit 5dcfc588f0
5 changed files with 12 additions and 4 deletions
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@ -206,5 +206,5 @@ dest = reports@dshield.org
 # Notes.:  Base name of temporary files used for buffering
 # Values:  [ STRING ]  Default: /tmp/fail2ban-dshield
 #
-tmpfile = /tmp/fail2ban-dshield
+tmpfile = /var/run/fail2ban/tmp-dshield

--- a/config/action.d/mail-buffered.conf
+++ b/config/action.d/mail-buffered.conf
@ -81,7 +81,7 @@ lines = 5

 # Default temporary file
 #
-tmpfile = /tmp/fail2ban-mail.txt
+tmpfile = /var/run/fail2ban/tmp-mail.txt

 # Destination/Addressee of the mail
 #
--- a/config/action.d/mynetwatchman.conf
+++ b/config/action.d/mynetwatchman.conf
@ -141,4 +141,4 @@ mnwurl = http://mynetwatchman.com/insertwebreport.asp
 # Notes.:  Base name of temporary files
 # Values:  [ STRING ]  Default: /tmp/fail2ban-mynetwatchman
 #
-tmpfile = /tmp/fail2ban-mynetwatchman
+tmpfile = /var/run/fail2ban/tmp-mynetwatchman
--- a/config/action.d/sendmail-buffered.conf
+++ b/config/action.d/sendmail-buffered.conf
@ -101,5 +101,5 @@ lines = 5

 # Default temporary file
 #
-tmpfile = /tmp/fail2ban-mail.txt
+tmpfile = /var/run/fail2ban/tmp-mail.txt

--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,11 @@
+fail2ban (0.8.4-3+squeeze1) stable; urgency=low
+
+  * Non-maintainer upload.
+  * [e2232fc] Backport patch to fix CVE-2009-5023: Insecure creation of
+    tempfile (Closes: #544232, #635746)
+
+ -- Jonathan Wiltshire <jmw@debian.org>  Thu, 28 Jul 2011 14:14:17 +0100
+
 fail2ban (0.8.4-3) unstable; urgency=low

  * Commenting out named-refused-udp jail and providing even fatter