[Bug 909189] Re: Request for new upstream version 1.2 upgrade.
Julian Taylor
jtaylor.debian at googlemail.com
Fri Jan 6 13:11:15 UTC 2012
thanks for incorporating my suggestions. (note subprocess.check_ouput
only works with python2.7 which is fine in ubuntu but maybe not for all
your other users)
I saw another issue with insecure temporary file use in setnextalarm.py and alarm.py and most scripts.
please use tempfile.TemporaryFile in python and mkstemp in shellscripts so the tempfiles cannot be abused via race conditions.
E.g. the tmpfile data/scripts/wakeup is exploitable for privilige escalation and needs a security update in ubuntu oneiric.
Also please make sure the debdiff applies against the package currently in ubuntu, your last diff does not apply against debian/changelog and debian/control
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/909189
Title:
Request for new upstream version 1.2 upgrade.
Status in “wakeup” package in Ubuntu:
New
Bug description:
Adds some important features (user-defined hot text items/commands),
as well as some important bug fixes.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wakeup/+bug/909189/+subscriptions
More information about the Ubuntu-sponsors
mailing list