This patch fixes an issues where temporary files were created in an insecure
way.

It was first intruduced in version 3.8.3-7 and fixes
http://bugs.debian.org/438540
--- a/src/tag_file.cpp
+++ b/src/tag_file.cpp
@@ -242,8 +242,8 @@
     strcpy(sTempFile, filename.c_str());
     strcat(sTempFile, sTmpSuffix.c_str());
 
-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
-    // This section is for Windows folk && gcc 3.x folk
+#if !defined(HAVE_MKSTEMP)
+    // This section is for Windows folk
     fstream tmpOut;
     createFile(sTempFile, tmpOut);
 
@@ -257,7 +257,7 @@
       tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#else //!defined(HAVE_MKSTEMP)
 
     // else we gotta make a temp file, copy the tag into it, copy the
     // rest of the old file after the tag, delete the old file, rename
@@ -270,7 +270,7 @@
       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
     }
 
-    ofstream tmpOut(fd);
+    ofstream tmpOut(sTempFile);
     if (!tmpOut)
     {
       tmpOut.close();
@@ -285,14 +285,14 @@
     uchar tmpBuffer[BUFSIZ];
     while (file)
     {
-      file.read(tmpBuffer, BUFSIZ);
+      file.read((char *)tmpBuffer, BUFSIZ);
       size_t nBytes = file.gcount();
-      tmpOut.write(tmpBuffer, nBytes);
+      tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
     close(fd); //closes the file
 
-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#endif ////!defined(HAVE_MKSTEMP)
 
     tmpOut.close();
     file.close();
/log/gnu/packages/opencl.scm'>
<input type='hidden' name='id' value='a6a79897bc492cf708c8cbe8df665cdbc13f38f8'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=a6a79897bc492cf708c8cbe8df665cdbc13f38f8'>root</a>/<a href='/guix/log/gnu?id=a6a79897bc492cf708c8cbe8df665cdbc13f38f8'>gnu</a>/<a href='/guix/log/gnu/packages?id=a6a79897bc492cf708c8cbe8df665cdbc13f38f8'>packages</a>/<a href='/guix/log/gnu/packages/opencl.scm?id=a6a79897bc492cf708c8cbe8df665cdbc13f38f8'>opencl.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/opencl.scm?id=a6a79897bc492cf708c8cbe8df665cdbc13f38f8&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-11-15 17:52:45 +0100'>2019-11-15</span></td><td><a href='/guix/commit/gnu/packages/opencl.scm?id=8c8e108978e0917415c863977b605b84dd01be52'>gnu: hwloc: Update to 2.1.0.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/mpi.scm (hwloc-2.0): Rename to...
(hwloc-2): ... this.  Update to 2.1.0
(hwloc-2.0): Define as deprecated.
* gnu/packages/opencl.scm (pocl)[inputs]: Adjust accordingly.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-10-31 01:03:27 +0100'>2019-10-31</span></td><td><a href='/guix/commit/gnu/packages/opencl.scm?id=bbad38f4d8e6b6ecc15c476b973094cdf96cdeae'>gnu: pocl: Update to 1.4.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/opencl.scm (pocl): Update to 1.4.
[inputs]: Change from LLVM to LLVM-8.

Signed-off-by: Marius Bakke &lt;mbakke@fastmail.com&gt;
</span></span></td><td>Ivan Gankevich</td></tr>
<tr><td><span title='2019-02-26 22:26:35 +0200'>2019-02-26</span></td><td><a href='/guix/commit/gnu/packages/opencl.scm?id=35aa016af104567a6632abdbad72e5fd3de8e2ca'>gnu: beignet: Limit supported architectures.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/opencl.scm (beignet)[supported-systems]: New field.
</span></span></td><td>Efraim Flashner</td></tr>