Bug in netpbm-progs version 9.24-10.90.1

Rick_Thomas yellowdog-general@lists.terrasoftsolutions.com
Fri Jun 11 00:41:00 2004


I recently did a "yum update" after a fairly long hiatus.  And lo and
behold, one of my cron scripts stopped working.

I tracked the problem down to a bug in the updated netpbm-progs package.

Specifically, the "anytopnm" program is a shell script that calls
"mktemp" with a "-t" option.  A quick check of "man mktemp" shows that
mktemp has no such option.

I'm not sure how to get this problem report back to the appropriate
maintainers, since SourceForge indicates that the netpbm package is up
to version 10.22, so the YDL version is based on very old source code --
presumably drawn from the Red Hat 8 or 9 sources.

Checking the changelog, this seems to be part of a large security fix. 
So, presumably "anytopnm" is not the only program affected.  It just
happened to be the one that bit me.

If somebody knows how to get this back to the maintainers of whatever
version the YDL netpbm-progs package is based on, I'd appreciate a
heads-up.

Thanks!

Rick

==============================================

The fix is this patch:

*** /usr/bin/anytopnm   Wed Apr  7 10:42:40 2004
--- ~/bin/anytopnm Fri Jun 11 01:08:47 2004
***************
*** 22,28 ****
  fi
   
  tmpfiles=""
! tmpdir=$(mktemp -d -t anytopnm.XXXXXXXXXX) || exit 1 #219019
   
  # Take out all spaces
  # Find the filename extension for last-ditch efforts later
--- 22,28 ----
  fi
   
  tmpfiles=""
! tmpdir=$(mktemp -d /tmp/anytopnm.XXXXXXXXXX) || exit 1 # fixed by Rick
   
  # Take out all spaces
  # Find the filename extension for last-ditch efforts later
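
Review bot: The replacement line at 22,28 hard-codes /tmp in the template, so the script no longer honours TMPDIR the way the `-t` form does on mktemp versions that accept it. Consider `tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/anytopnm.XXXXXXXXXX") || exit 1`, which avoids `-t` while keeping the `-d` and `|| exit 1` handling that the original line relied on. The same line also swaps the `#219019` marker for `# fixed by Rick`; keeping the original marker next to the new comment would preserve the pointer to whatever change introduced this line.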