Accepted cdrtools 4:2.0+a38-1ubuntu4 (source)

[Martin Pitt]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 24 Mar 2005 10:20:03 +0100
Source: cdrtools
Binary: cdrtools-doc cdda2wav mkisofs cdrecord
Architecture: source
Version: 4:2.0+a38-1ubuntu4
Distribution: hoary
Urgency: low
Maintainer: Joerg Jaspert <joerg at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 cdda2wav   - Creates WAV files from audio CDs
 cdrecord   - command line CD writing tool
 cdrtools-doc - Documentation for the cdrtools package-suite
 mkisofs    - Creates ISO-9660 CD-ROM filesystem images
Changes: 
 cdrtools (4:2.0+a38-1ubuntu4) hoary; urgency=low
 .
   * SECURITY UPDATE: Fix insecure temporary file handling.
   * 23_debug_tmpfile.dpatch:
     - rscsi/rscsi.c: Do not blindly open the temporary file for debugging
       (which defaults to being in /tmp), but check if it already exists and
       exit if so. This avoids symlink attacks.
     - rscsi/rscsi.dfl: Do not recommend to use /tmp/ as output directory for
       debugging to avoid DoS situations when the temporary file already
       exists.
    - Note: Debugging is disabled by default.
    - Thanks to Javier Fernández-Sanguino Peña <jfs at computer.org> for spotting
      this and the patch.
    - References:
      http://bugs.debian.org/291376
Files: 
 2046d8ca05ca5b1f834f9d8e6367065a 748 otherosfs optional cdrtools_2.0+a38-1ubuntu4.dsc
 75ff05d6fcaa9aaebccab72cbed9a15d 110497 otherosfs optional cdrtools_2.0+a38-1ubuntu4.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCQofpDecnbV4Fd/IRAh+VAKDlKwsIMsP8aYi+IAsmTxSu7+TXhACeP0Yv
o5ngDV7dQUU/oUORWyLPreI=
=9wqP
-----END PGP SIGNATURE-----


Accepted:
cdrtools_2.0+a38-1ubuntu4.diff.gz
  to pool/main/c/cdrtools/cdrtools_2.0+a38-1ubuntu4.diff.gz
cdrtools_2.0+a38-1ubuntu4.dsc
  to pool/main/c/cdrtools/cdrtools_2.0+a38-1ubuntu4.dsc