+uudeview (0.5.20-2.1) unstable; urgency=low
+
+  * Fix possible (but highly unlikely) race in temporary file generation
+    (CAN-2004-2265), by passing the "x" (O_EXCL) flag to fopen when opening
+    such files. (Closes: #320541)
+
+ -- Steinar H. Gunderson <sesse@debian.org>  Wed, 14 Jun 2006 18:44:05 +0200
+

Index: uudeview-0.5.20/unix/uudeview.c
===================================================================
--- uudeview-0.5.20.orig/unix/uudeview.c
+++ uudeview-0.5.20/unix/uudeview.c
@@ -454,7 +454,7 @@ proc_stdin (void)
     return 0;
   }
 
-  if ((target = fopen (stdfile, "wb")) == NULL) {
+  if ((target = fopen (stdfile, "wbx")) == NULL) {
     fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n",
 	     stdfile, strerror (errno));
     _FP_free (stdfile);
Index: uudeview-0.5.20/uulib/uunconc.c
===================================================================
--- uudeview-0.5.20.orig/uulib/uunconc.c
+++ uudeview-0.5.20/uulib/uunconc.c
@@ -1325,9 +1325,9 @@ UUDecode (uulist *data)
     return UURET_NODATA;
 
   if (data->uudet == PT_ENCODED)
-    mode = "wt";	/* open text files in text mode */
+    mode = "wtx";	/* open text files in text mode */
   else
-    mode = "wb";	/* otherwise in binary          */
+    mode = "wbx";	/* otherwise in binary          */
 
   if ((data->binfile = tempnam (NULL, "uu")) == NULL) {
     UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
@@ -1502,7 +1502,7 @@ UUDecode (uulist *data)
       progress.action = 0;
       return UURET_NOMEM;
     }
-    if ((datain = fopen (data->binfile, "rb")) == NULL) {
+    if ((datain = fopen (data->binfile, "rbx")) == NULL) {
       UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
 		 uustring (S_NOT_OPEN_FILE),
 		 data->binfile, strerror (uu_errno = errno));