1 files changed, 38 insertions, 0 deletions

diff --git a/latex2man-use-predictable-tmp.patch b/latex2man-use-predictable-tmp.patch
new file mode 100644
index 0000000..cb6cc79
--- /dev/null
+++ b/latex2man-use-predictable-tmp.patch
@@ -0,0 +1,38 @@
+From 5dd262d2db90dc44097131fb8f160772aed407ad Mon Sep 17 00:00:00 2001
+From: Mikle Kolyada <zlogene@gentoo.org>
+Date: Sun, 2 Jun 2019 14:50:27 +0300
+Subject: [PATCH 6/6] latex2man: use predictable tmp
+
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668779
+https://github.com/debian-tex/texlive-nonbin/commit/714dc72c87b917834570d32dee7231008df98832
+https://bugs.gentoo.org/show_bug.cgi?id=432144
+CVE-2012-2120 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2120)
+---
+ texk/texlive/linked_scripts/latex2man/latex2man | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/texk/texlive/linked_scripts/latex2man/latex2man b/texk/texlive/linked_scripts/latex2man/latex2man
+index e117d337..285c19fd 100755
+--- a/texk/texlive/linked_scripts/latex2man/latex2man
++++ b/texk/texlive/linked_scripts/latex2man/latex2man
+@@ -31,8 +31,6 @@ sub date2str;
+ $VERSION = "1.29";
+ $DATE    = date2str ('$Date: 2018/11/25 13:05:37 $' =~ m|(\d+/\d+/\d+)|);
+ 
+-$tmp = "/tmp/$CMD.$$";
+-
+ ##################################################################
+ # check option and arguments
+ ##################################################################
+@@ -2018,6 +2016,8 @@ if ($opt_t) {
+ open (my $SRC, "<$SrcFile") || die "$CMD: Can't open file \`$SrcFile' for reading.\n";
+ if ($opt_H || $opt_T) {
+     # DestFile will be written in the postprocess
++    $tmp = `mktemp` || die;
++    chomp $tmp;
+     open (DEST, ">$tmp")      || die "$CMD: Can't open file \`$tmp' for writing.\n";
+ } else {
+     open (DEST, ">$DestFile") || die "$CMD: Can't open file \`$DestFile' for writing.\n";
+-- 
+2.21.0
+