A security issue has been reported in cmus, which can be exploited by

malicious, local users to perform certain actions with escalated
privileges.

The security issue is caused due to the "cmus-status-display" script using
temporary files in an insecure manner. This can be exploited to
e.g. overwrite arbitrary files via symlink attacks.

This commit fixes this issue.

audio/cmus/Makefile

@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.14 2008/11/17 13:30:34 ahoka Exp $
+# $NetBSD: Makefile,v 1.15 2008/12/17 23:49:57 ahoka Exp $
 #
 
 DISTNAME=		cmus-2.2.0
-PKGREVISION=		3
+PKGREVISION=		4
 CATEGORIES=		audio
 MASTER_SITES=		http://mirror.greaterscope.net/cmus/
 EXTRACT_SUFX=		.tar.bz2

audio/cmus/distinfo

@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.4 2008/11/17 13:30:34 ahoka Exp $
+$NetBSD: distinfo,v 1.5 2008/12/17 23:49:57 ahoka Exp $
 
 SHA1 (cmus-2.2.0.tar.bz2) = a6472633ac55660eb3aec5d2ae0296da86903bb2
 RMD160 (cmus-2.2.0.tar.bz2) = 1287666c16332ad34222461e29d8355ef607e7b5
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = b5cd6e9c799ea581bfecd242130274c869ed2103
 SHA1 (patch-ab) = 1288149006ce37bd0ed69c020ae6e1992cb84743
 SHA1 (patch-ac) = 76f346d0338f38c3657f29851d717c62b89d0791
 SHA1 (patch-ad) = 8f750a81966d83839f7ca2d66728ce4a48072d73
+SHA1 (patch-ae) = 12565109f672b7bdeeb8b263952376eaaca25f53

audio/cmus/patches/patch-ae

@@ -0,0 +1,19 @@
+$NetBSD: patch-ae,v 1.1 2008/12/17 23:49:57 ahoka Exp $
+
+--- cmus-status-display.orig	2007-07-27 16:52:13.000000000 +0200
++++ cmus-status-display
+@@ -18,8 +18,13 @@
+ 
+ output()
+ {
++	# write status to stdout
++	echo "$*"
++
+ 	# write status to /tmp/cmus-status (not very useful though)
+-	echo "$*" >> /tmp/cmus-status 2>&1
++	# WARNING! This opens a vulnerability to overwrite files with
++	# symlink attack if you use a predictable filename in /tmp.
++	#echo "$*" >> /tmp/cmus-status 2>&1
+ 
+ 	# WMI (http://wmi.modprobe.de/)
+ 	#wmiremote -t "$*" &> /dev/null