Added the tempfile patch to texinfo

git-svn-id: http://svn.linuxfromscratch.org/LFS/branches/6.1.1/BOOK@7007 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

chapter01/changelog.xml

@@ -35,6 +35,9 @@ First a summary, then a detailed log.</para>
 </itemizedlist>
 </listitem>
 
+<listitem><para>October 14th, 2005 [jhuntwork]: Added the tempfile patch
+for texinfo.</para></listitem> 	
+
 <listitem><para>October 14th, 2005 [ken]: Update packages and patches in
 the changelog to only reflect changes since 6.1.  Update zlib.</para></listitem> 	
 

chapter03/patches.xml

@@ -148,6 +148,13 @@ needed to build an LFS system:</para>
 </listitem>
 </varlistentry>
 
+<varlistentry>
+<term>Texinfo Tempfile Fix Patch - 2 KB:</term>
+<listitem>
+<para><ulink url="&patches-root;texinfo-&texinfo-version;-tempfile_fix-1.patch"/></para>
+</listitem>
+</varlistentry>
+
 <varlistentry>
 <term>Util-linux Cramfs Patch - 3 KB:</term> <listitem>
 <para><ulink url="&patches-root;util-linux-&util-linux-version;-cramfs-1.patch"/></para>

chapter06/texinfo.xml

@@ -29,6 +29,11 @@ Diffutils, GCC, Gettext, Glibc, Grep, Make, Ncurses, and Sed</seg></seglistitem>
 <sect2 role="installation">
 <title>Installation of Texinfo</title>
 
+<para>Texinfo allows local users to overwrite arbitrary files via a symlink attack 
+on temporary files. Apply the following patch to fix this:</para>
+
+<screen><userinput>patch -Np1 -i ../texinfo-&texinfo-version;-tempfile_fix-1.patch</userinput></screen>
+
 <para>Prepare Texinfo for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr</userinput></screen>