From 50993e3328b6805cf541d612bac341220b460457 Mon Sep 17 00:00:00 2001
From: Archaic <archaic@linuxfromscratch.org>
Date: Sat, 8 Oct 2005 18:33:50 +0000
Subject: Added patch to fix vulnerable tempfile creation texinfo.

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@6983 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
---
 chapter06/texinfo.xml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'chapter06')

diff --git a/chapter06/texinfo.xml b/chapter06/texinfo.xml
index 0cab8d0ae..292963d7e 100644
--- a/chapter06/texinfo.xml
+++ b/chapter06/texinfo.xml
@@ -31,6 +31,11 @@ Diffutils, GCC, Gettext, Glibc, Grep, Make, Ncurses, and Sed</seg></seglistitem>
 <sect2 role="installation">
 <title>Installation of Texinfo</title>
 
+<para>Texinfo allows local users to overwrite arbitrary files via a symlink
+attack on temporary files. Apply the following patch to fix this:</para>
+
+<screen><userinput>patch -Np1 -i ../&texinfo-tempfile_fix-patch;</userinput></screen>
+
 <para>Prepare Texinfo for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr</userinput></screen>
-- 
cgit v1.2.3-54-g00ecf