[Pkg-dspam-commits] [pkg-dspam-commits] r124 - trunk/debian
Kurt B. Kaiser
kbk-guest at alioth.debian.org
Sun Jan 13 19:44:05 UTC 2008
Author: kbk-guest
Date: Sun Jan 13 19:44:05 2008
New Revision: 124
Log:
Ack NMU - Adrian Friedli <adi at koalatux.ch> Sun, 13 Jan 2008 14:59:25 +0100
3.6.8-5.1:
Giving the password in libdspam7-drv-mysql cronjob in a file instead of
the command line. CVE-2007-6418[0] (Closes: #448519)
M debian/libdspam7-drv-mysql.cron.daily
M debian/changelog
Modified:
trunk/debian/changelog
trunk/debian/libdspam7-drv-mysql.cron.daily
Modified: trunk/debian/changelog
==============================================================================
--- trunk/debian/changelog (original)
+++ trunk/debian/changelog Sun Jan 13 19:44:05 2008
@@ -1,3 +1,18 @@
+dspam (3.6.8-6) unstable; urgency=low
+
+ [Kurt B. Kaiser]
+ * Acknowledge NMU. Thanks Adrian Friedli. (Closes: #448519)
+
+ -- Debian DSPAM Maintainers <pkg-dspam-misc at lists.alioth.debian.org> Sun, 13 Jan 2008 14:32:52 -0500
+
+dspam (3.6.8-5.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Giving the password in libdspam7-drv-mysql cronjob in a file instead of
+ the command line. CVE-2007-6418[0] (Closes: #448519)
+
+ -- Adrian Friedli <adi at koalatux.ch> Sun, 13 Jan 2008 14:59:25 +0100
+
dspam (3.6.8-5) unstable; urgency=high
[Kurt B. Kaiser]
Modified: trunk/debian/libdspam7-drv-mysql.cron.daily
==============================================================================
--- trunk/debian/libdspam7-drv-mysql.cron.daily (original)
+++ trunk/debian/libdspam7-drv-mysql.cron.daily Sun Jan 13 19:44:05 2008
@@ -5,6 +5,7 @@
DSPAMCONF=/etc/dspam/dspam.conf
MYSQLCONF=/etc/dspam/dspam.d/mysql.conf
PURGE=/usr/share/doc/libdspam7-drv-mysql/purge-4.1.sql
+MYSQLCONF_PASSWD=/var/run/libdspam7-drv-mysql.cron.passwd
if grep -q "^StorageDriver.*mysql_drv.so" $DSPAMCONF; then
if [ -x /usr/bin/mysql ]; then
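Review bot: `MYSQLCONF_PASSWD` is a fixed, predictable file name, and the only cleanup is the final `rm` in the next hunk, so a run that is interrupted or aborts before that line leaves the MySQL password on disk. Creating the file with `MYSQLCONF_PASSWD="$(mktemp /var/run/libdspam7-drv-mysql.cron.XXXXXX)"` and registering `trap 'rm -f "$MYSQLCONF_PASSWD"' EXIT` straight after it would give a mode-0600 file that is removed on every exit path, and would make the umask save/restore unnecessary. /var/run is normally writable only by root, so the exposure is presumably the leftover file rather than a path pre-created by another user.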
@@ -13,17 +14,26 @@
MYSQL_DB="`grep "^MySQLDb" $MYSQLCONF | awk '{print $2}'`"
MYSQL_HOST="`grep "^MySQLServer" $MYSQLCONF | awk '{print $2}'`"
+ UMASK_OLD="`umask`"
+ umask 077
+ [ -e "$MYSQLCONF_PASSWD" ] && rm "$MYSQLCONF_PASSWD"
+ echo -e "[client]\npassword=$MYSQL_PASS" > "$MYSQLCONF_PASSWD"
+ umask "$UMASK_OLD"
+
# If host is empty or starting with a / assume it's localhost.
if [ -z "$MYSQL_HOST" ] || [ "${MYSQL_HOST:0:1}" = "/" ]; then
- /usr/bin/mysql --user=$MYSQL_USER --password=$MYSQL_PASS $MYSQL_DB < $PURGE
+ /usr/bin/mysql --defaults-extra-file=$MYSQLCONF_PASSWD --user=$MYSQL_USER $MYSQL_DB < $PURGE
else
if echo "$MYSQL_HOST" | grep "^/" > /dev/null 2>&1 ; then
# Assume it is a socket:
- /usr/bin/mysql --socket=$MYSQL_HOST --user=$MYSQL_USER --password=$MYSQL_PASS $MYSQL_DB < $PURGE
+ /usr/bin/mysql --defaults-extra-file=$MYSQLCONF_PASSWD --socket=$MYSQL_HOST --user=$MYSQL_USER < $PURGE
else
- /usr/bin/mysql --host=$MYSQL_HOST --user=$MYSQL_USER --password=$MYSQL_PASS $MYSQL_DB < $PURGE
+ /usr/bin/mysql --defaults-extra-file=$MYSQLCONF_PASSWD --host=$MYSQL_HOST --user=$MYSQL_USER < $PURGE
fi
fi
+
+ rm "$MYSQLCONF_PASSWD"
+
fi
fi
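Review bot: The rewritten socket and host branches drop `$MYSQL_DB`. The localhost call still ends in `--user=$MYSQL_USER $MYSQL_DB < $PURGE`, but the other two new `/usr/bin/mysql` lines end in `--user=$MYSQL_USER < $PURGE`, so unless the purge script selects a database itself, the purge on those paths would run with no database selected. Both lines should keep the argument, e.g. `--host=$MYSQL_HOST --user=$MYSQL_USER $MYSQL_DB < $PURGE`. Separately, `echo -e "[client]\npassword=$MYSQL_PASS"` also interprets backslash sequences inside the password; `printf '[client]\npassword=%s\n' "$MYSQL_PASS" > "$MYSQLCONF_PASSWD"` writes it literally. The enclosing `if` blocks open before this hunk.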