# HG changeset patch
# User Romain Francoise <romain@orebokech.com>
# Date 1208543069 0
# Node ID bc3f03ffbdf9a2921701d99a83e966ad23bcef8b
# Parent  4a907fffb2c3b54088c945bfd0eea0f0b4028340
2008-04-18  Steve Grubb  <sgrubb@redhat.com>  (tiny change)

	* vcdiff: Use mktemp (CVE-2008-1694).

diff -r 4a907fffb2c3 -r bc3f03ffbdf9 lib-src/ChangeLog
--- a/lib-src/ChangeLog	Fri Apr 18 15:48:57 2008 +0000
+++ b/lib-src/ChangeLog	Fri Apr 18 18:24:29 2008 +0000
@@ -1,3 +1,7 @@
+2008-04-18  Steve Grubb  <sgrubb@redhat.com>  (tiny change)
+
+	* vcdiff: Use mktemp (CVE-2008-1694).
+
 2008-04-09  Jason Rumney  <jasonr@gnu.org>
 
 	* makefile.w32-in (distclean, maintainer-clean): New targets.
diff -r 4a907fffb2c3 -r bc3f03ffbdf9 lib-src/vcdiff
--- a/lib-src/vcdiff	Fri Apr 18 15:48:57 2008 +0000
+++ b/lib-src/vcdiff	Fri Apr 18 18:24:29 2008 +0000
@@ -84,14 +84,14 @@
 	case $f in
 	s.* | */s.*)
 		if
-			rev1=/tmp/geta$$
+			rev1=`mktemp /tmp/geta.XXXXXXXX`
 			get -s -p -k $sid1 "$f" > $rev1 &&
 			case $sid2 in
 			'')
 				workfile=`expr " /$f" : '.*/s.\(.*\)'`
 				;;
 			*)
-				rev2=/tmp/getb$$
+				rev2=`mktemp /tmp/getb.XXXXXXXX`
 				get -s -p -k $sid2 "$f" > $rev2
 				workfile=$rev2
 			esac