This patch fixes an issues where temporary files were created in an insecure
way.

It was first intruduced in version 3.8.3-7 and fixes
http://bugs.debian.org/438540
--- a/src/tag_file.cpp
+++ b/src/tag_file.cpp
@@ -242,8 +242,8 @@
     strcpy(sTempFile, filename.c_str());
     strcat(sTempFile, sTmpSuffix.c_str());
 
-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
-    // This section is for Windows folk && gcc 3.x folk
+#if !defined(HAVE_MKSTEMP)
+    // This section is for Windows folk
     fstream tmpOut;
     createFile(sTempFile, tmpOut);
 
@@ -257,7 +257,7 @@
       tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#else //!defined(HAVE_MKSTEMP)
 
     // else we gotta make a temp file, copy the tag into it, copy the
     // rest of the old file after the tag, delete the old file, rename
@@ -270,7 +270,7 @@
       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
     }
 
-    ofstream tmpOut(fd);
+    ofstream tmpOut(sTempFile);
     if (!tmpOut)
     {
       tmpOut.close();
@@ -285,14 +285,14 @@
     uchar tmpBuffer[BUFSIZ];
     while (file)
     {
-      file.read(tmpBuffer, BUFSIZ);
+      file.read((char *)tmpBuffer, BUFSIZ);
       size_t nBytes = file.gcount();
-      tmpOut.write(tmpBuffer, nBytes);
+      tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
     close(fd); //closes the file
 
-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#endif ////!defined(HAVE_MKSTEMP)
 
     tmpOut.close();
     file.close();
/log/gnu/packages/debian.scm'>
<input type='hidden' name='id' value='ca080b3efb726a4d63838f1eeaf2036a6c2d8dad'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=ca080b3efb726a4d63838f1eeaf2036a6c2d8dad'>root</a>/<a href='/guix/log/gnu?id=ca080b3efb726a4d63838f1eeaf2036a6c2d8dad'>gnu</a>/<a href='/guix/log/gnu/packages?id=ca080b3efb726a4d63838f1eeaf2036a6c2d8dad'>packages</a>/<a href='/guix/log/gnu/packages/debian.scm?id=ca080b3efb726a4d63838f1eeaf2036a6c2d8dad'>debian.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/debian.scm?id=ca080b3efb726a4d63838f1eeaf2036a6c2d8dad&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2020-08-29 05:26:53 +0200'>2020-08-29</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=34017e3fea4aaee2e4e0c6616f5646cf665c5d0f'>gnu: debianutils: Update to 4.11.1.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (debianutils): Update to 4.11.1.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2020-07-02 23:20:50 +0200'>2020-07-02</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=dd3bd0be24cb99226a5fb3422cbc3039c57e9663'>gnu: Add debianutils.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (debianutils): New public variable.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-06-26 01:53:59 +0200'>2020-06-26</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=6941004fb0faf82250ab3975f28ec1eb6f373d2a'>gnu: debootstrap: Wrap with gpg and wget in PATH.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (debootstrap)[inputs]: Add GNUPG and WGET.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-05-01 01:21:03 +0200'>2020-05-01</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=524e5fe56b602d2ccb1dd2bf5a50a0e6ca397759'>gnu: Add apt-mirror.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (apt-mirror): New variable.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>Jean-Baptiste Note</td></tr>
<tr><td><span title='2020-04-13 06:56:54 +0200'>2020-04-13</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=6729488f59c402fef575629d2f9490480995bd64'>gnu: debootstrap: Update to 1.0.123.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (debootstrap): Update to 1.0.123.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2020-03-02 21:33:28 +0200'>2020-03-02</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=bdcec7028c6d7ddd18e4a169b514bd2d1f8b9e2e'>gnu: debootstrap: Update to 1.0.119.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/debian.scm (debootstrap): Update to 1.0.119.

Signed-off-by: Efraim Flashner &lt;efraim@flashner.co.il&gt;
</span></span></td><td>Vincent Legoll</td></tr>
<tr><td><span title='2020-02-23 14:07:17 +0200'>2020-02-23</span></td><td><a href='/guix/commit/gnu/packages/debian.scm?id=3d314a5642a57aa70248c7ee61789d4d53aedae6'>gnu: debootstrap: Update to 1.0.118</a><span class='msg-avail'>...<span class='msg-tooltip'>The attached patch has been tested by creating
arm64, mipsel &amp; amd64 chroots and the amd64
one has been actually run.

--
Vincent Legoll

From a23b962c21e20c72f425675e6ea6e11cd0f944d0 Mon Sep 17 00:00:00 2001
From: Vincent Legoll &lt;vincent.legoll@gmail.com&gt;
Date: Fri, 21 Feb 2020 23:34:40 +0100
Subject: [PATCH] gnu: debootstrap: Update to 1.0.118. *
 gnu/packages/debian.scm (debootstrap): Update to 1.0.118.

Signed-off-by: Efraim Flashner &lt;efraim@flashner.co.il&gt;
</span></span></td><td>Vincent Legoll</td></tr>