* Apply patch to avoid truncating of arbitrary files. Thanks to Bryan

  Donlan <bdonlan@fushizen.net> for the patch. Closes: #482476
* Avoid using dbus if dbus-daemon isn't running. Closes: #438803
* apt-pkg/deb/dpkgpm.cc:
  - improve apt progress reporting, display trigger actions
* apt-pkg/depcache.cc:
  - when checking for new important deps, skip critical ones
    (LP: #236360)

* Vietnamese updated. Closes: #479748
* Russian updated. Closes: #479777
* Galician updated. Closes: #479792
* Portuguese updated. Closes: #479847
* Swedish updated. Closes: #479871
* Dutch updated. Closes: #480125
* Kurdish added. Closes: #480150
* Brazilian Portuguese updated. Closes: #480561
* Hungarian updated. Closes: #480662
* Apply patch to avoid truncating of arbitrary files. Thanks to Bryan
  Donlan <bdonlan@fushizen.net> for the patch. Closes: #482476
* Avoid using dbus if dbus-daemon isn't running. Closes: #438803

* debian/apt.cron.daily:
  - apply patch based on the ideas of Francesco Poli for better 
    behavior when the cache can not be locked (closes: #459344)

1 files changed, 3 insertions, 1 deletions

diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 2b7e25080..a5976cf3a 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -138,7 +138,9 @@ bool CopyFile(FileFd &From,FileFd &To)
    close at some time. */
 int GetLock(string File,bool Errors)
 {
-   int FD = open(File.c_str(),O_RDWR | O_CREAT | O_TRUNC,0640);
+   // GetLock() is used in aptitude on directories with public-write access
+   // Use O_NOFOLLOW here to prevent symlink traversal attacks
+   int FD = open(File.c_str(),O_RDWR | O_CREAT | O_NOFOLLOW,0640);
    if (FD < 0)
    {
       // Read only .. cant have locking problems there.