--- apachetop-0.12.5.orig/src/apachetop.h +++ apachetop-0.12.5/src/apachetop.h @@ -244,7 +244,6 @@ #define NOV 307 #define DEC 268 -#define DEBUG_OUTPUT "/tmp/atop.debug" /* this can be overridden from config.h via ./configure --with-logfile .. */ #ifndef DEFAULT_LOGFILE --- apachetop-0.12.5.orig/src/apachetop.cc +++ apachetop-0.12.5/src/apachetop.cc @@ -1105,7 +1105,16 @@ FILE *d; va_list args; - if (cf.debug && (d = fopen(DEBUG_OUTPUT, "a"))) + static char fileName[1024] = {'\0'}; + + if ( !strlen( fileName ) ) + { + strcpy(fileName, "/tmp/atop.XXXXXX"); + mkdtemp(fileName); + strncat(fileName, "/debug", (sizeof(fileName)-1) ); + } + + if (cf.debug && (d = fopen(fileName, "a"))) { va_start(args, fmt); vfprintf(d, fmt, args); --- apachetop-0.12.5.orig/debian/docs +++ apachetop-0.12.5/debian/docs @@ -0,0 +1,2 @@ +README +ChangeLog --- apachetop-0.12.5.orig/debian/rules +++ apachetop-0.12.5/debian/rules @@ -0,0 +1,102 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + + + + +CFLAGS = -Wall -g + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + INSTALL_PROGRAM += -s +endif + +configure: configure-stamp +configure-stamp: + dh_testdir + # Add here commands to configure the package. + # Add here commands to configure the package. + ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --bindir=/usr/sbin --with-logfile=/var/log/apache/access.log --with-no-fam --with-no-kqueue + + touch configure-stamp + + +build: build-stamp + +build-stamp: configure-stamp + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + #/usr/bin/docbook-to-man debian/apachetop.sgml > apachetop.1 + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp + rm -f config.log config.status + + # Add here commands to clean up after the build process. + -$(MAKE) clean + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/apachetop. + $(MAKE) install DESTDIR=$(CURDIR)/debian/apachetop + rm -rf $(CURDIR)/debian/apachetop/usr/share/man/man1 + + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs ChangeLog + dh_installdocs -XChangeLog + dh_installexamples +# dh_install +# dh_installmenu +# dh_installdebconf +# dh_installlogrotate +# dh_installemacsen +# dh_installpam +# dh_installmime +# dh_installinit +# dh_installcron +# dh_installinfo + dh_installman man/apachetop.1 + dh_link + dh_strip + dh_compress + dh_fixperms +# dh_perl +# dh_python +# dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install configure --- apachetop-0.12.5.orig/debian/changelog +++ apachetop-0.12.5/debian/changelog @@ -0,0 +1,87 @@ +apachetop (0.12.5-1sarge1) stable-security; urgency=high + + * Non-maintainer upload by The Security Team. + * Fix insecure temporary file usage in debug output. + [CAN-2005-2660]. + + -- Steve Kemp Wed, 28 Sep 2005 01:05:50 +0000 + +apachetop (0.12.5-1) unstable; urgency=low + + * New upstream release. + * Improved compatability with GCC v3.4.x + + -- Steve Kemp Sat, 27 Nov 2004 15:26:17 +0000 + +apachetop (0.12-1) unstable; urgency=low + + * New upstream release. + (Closes: #261499) + * Use the new upstream manpage instead of our old and slightly + incorrect one. + (Closes: #257298) which highlighted one error in our own manpage. + * Applied patch to hopefully compile the package on AMD64. + (Closes: #258510) thanks to Andreas Jochens for the notice and fix. + (Patch sent upstream too). + * Added 'fam' as a dependancy, so that FAM support works correctly + + -- Steve Kemp Mon, 26 Jul 2004 15:08:31 +0000 + +apachetop (0.11-1) unstable; urgency=low + + * New upstream release. + (Closes: #245965) + * Correctly depend upon libreadline4, and build-depend upon libreadline4-dev + + -- Steve Kemp Mon, 26 Apr 2004 14:44:41 +0000 + +apachetop (0.10-1) unstable; urgency=low + + * New upstream release + + -- Steve Kemp Sun, 26 Jan 2004 16:24:08 +0000 + +apachetop (0.7-3) unstable; urgency=low + + * Applied patch to fix typo in manpage. + (Closes: 217127) thanks to Wayne Conrad + * Applied cleanup patch to fix manpage title, and install ChangeLog. + (Closes: 215816) thanks to Gunnar Wolf + + -- Steve Kemp Wed, 12 Nov 2003 23:21:02 +0000 + +apachetop (0.7-2) unstable; urgency=low + + * Fixed up title of the manpage. + * Removed duplicate changelog. + * Fixed lintian warnings. + Together these (Close: 215816) many thanks to Gunnar Wolf + * Updated standards version to 3.6.1 (no changes). + + -- Steve Kemp Sun, 19 Oct 2003 22:07:12 +0000 + +apachetop (0.7-1) unstable; urgency=low + + * New upstream release. + * Slowdown, I shall wait before this release gets into testing before + uploading any new upstreams. + + -- Steve Kemp Tues, 14 Oct 2003 22:39:32 +0000 + +apachetop (0.6-1) unstable; urgency=low + + * New upstream release. + * Included the upstream manpage instead of the previously written one. + * Fixed the build-deps to include libncurses5 which prevented several + successful builds. D'oh. + + -- Steve Kemp Sat, 11 Oct 2003 18:16:03 +0000 + +apachetop (0.4-1) unstable; urgency=low + + * Wrote manpage. + * Changed default logfile to be /var/log/apache/access.log + * Updated to Debian unstable repository (Closes: #213433) + + -- Steve Kemp Tue, 30 Sep 2003 15:11:42 +0100 + --- apachetop-0.12.5.orig/debian/control +++ apachetop-0.12.5/debian/control @@ -0,0 +1,21 @@ +Source: apachetop +Section: admin +Priority: optional +Maintainer: Steve Kemp +Build-Depends: debhelper (>= 4.0.0), libncurses5-dev, libreadline4-dev +Standards-Version: 3.6.1 + +Package: apachetop +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, fam +Description: Realtime Apache monitoring tool + Apache top is a curses-based realtime utility to display information + from a running copy of Apache. + . + It is modelled after the standard 'top' utility, and displays + information such as the requests pers second, bytes per second + and the most popular URLs displayed. + . + It must be run from a machine running Apache, as it works by + processing the logfiles found in /var/log/apache. + --- apachetop-0.12.5.orig/debian/compat +++ apachetop-0.12.5/debian/compat @@ -0,0 +1 @@ +4 --- apachetop-0.12.5.orig/debian/dirs +++ apachetop-0.12.5/debian/dirs @@ -0,0 +1,2 @@ +usr/sbin +usr/share/man/man8 \ No newline at end of file --- apachetop-0.12.5.orig/debian/copyright +++ apachetop-0.12.5/debian/copyright @@ -0,0 +1,12 @@ +This package was debianized by Steve Kemp on +Tue, 30 Sep 2003 15:11:42 +0100. + +It was downloaded from http://clueful.shagged.org/apachetop/ + +Upstream Author: Chris Elsworth + +This software is copyright (c) Chris Elsworth and licensed +under the terms of the BSD license. + +A copy of this license may be found in the following file +upon a Debian system: /usr/share/common-licenses/BSD.