Add a patch for temporary file vulnerablilty (CVE-2007-6061), bug #199751. It will set the default temporary file location to the user home directory add discard preferences if it is in /tmp.

(Portage version: 2.1.4)

2 files changed, 25 insertions, 0 deletions

diff --git a/media-sound/audacity/files/CVE-2007-6061.patch b/media-sound/audacity/files/CVE-2007-6061.patch
new file mode 100644
index 000000000000..d80ae681ffb1
--- /dev/null
+++ b/media-sound/audacity/files/CVE-2007-6061.patch
@@ -0,0 +1,22 @@
+Index: audacity-src-1.3.4-beta/src/AudacityApp.cpp
+===================================================================
+--- audacity-src-1.3.4-beta.orig/src/AudacityApp.cpp
++++ audacity-src-1.3.4-beta/src/AudacityApp.cpp
+@@ -573,7 +573,7 @@ bool AudacityApp::OnInit()
+    // * The user's .audacity-files directory in their home directory
+    // * The "share" and "share/doc" directories in their install path
+    #ifdef __WXGTK__
+-   defaultTempDir.Printf(wxT("/tmp/audacity%d.%d-%s"), 
++   defaultTempDir.Printf(wxT("%s/.audacity%d.%d-%s"), home.c_str(),
+                          AUDACITY_VERSION, AUDACITY_RELEASE, wxGetUserId().c_str());
+    
+    wxString pathVar = wxGetenv(wxT("AUDACITY_PATH"));
+@@ -996,7 +996,7 @@ bool AudacityApp::InitTempDir()
+    wxString temp = wxT("");
+ 
+    #ifdef __WXGTK__
+-   if (tempFromPrefs.GetChar(0) != wxT('/'))
++   if (tempFromPrefs.GetChar(0) != wxT('/') || tempFromPrefs.compare(0,4, wxT("/tmp")) == 0)
+       tempFromPrefs = wxT("");
+    #endif
+ 
diff --git a/media-sound/audacity/files/digest-audacity-1.3.4-r1 b/media-sound/audacity/files/digest-audacity-1.3.4-r1
new file mode 100644
index 000000000000..2d4ac9d624db
--- /dev/null
+++ b/media-sound/audacity/files/digest-audacity-1.3.4-r1
@@ -0,0 +1,3 @@
+MD5 6c4ada9085f916b5ae1675eaa4754442 audacity-src-1.3.4.tar.bz2 4349381
+RMD160 754d81fb0e660d697e7c315c41f28584917e0a9e audacity-src-1.3.4.tar.bz2 4349381
+SHA256 102d60e48e1928f3fd995a214ed9ba872929c6365cf5f784f107f351b42499f9 audacity-src-1.3.4.tar.bz2 4349381