Skip to main content.

2003-Oct-31

ispell-base wouldn't build under Linux. After two patches and still more problems I started making new package with latest (although old) official ispell. It failed due to use of /usr/tmp (which I didn't have) in a shell script, munchlist. So I looked at it and noticed unsafe usage of temp files. I also built package using a newer patched ispell release called ispell-3.2.06.epa6. (It fixes some bugs, but still has security issues.)

I saw that Debian used mktemp to fix this. I saw it reported on a few mailing lists. I reported to developers (official and "epa"). They said no one had told them before.