Version in base suite: 0.23 Version in overlay suite: 0.23+sarge1 Base version: debian-goodies_0.23 Target version: debian-goodies_0.23+sarge1 Base file: /org/ftp.debian.org/ftp/pool/main/d/debian-goodies/debian-goodies_0.23.dsc Target file: /org/ftp.debian.org/ftp/pool/main/d/debian-goodies/debian-goodies_0.23+sarge1.dsc
diff -Nru /tmp/g5kYkiIXUt/debian-goodies-0.23/checkrestart /tmp/YvKIaILE58/debian-goodies-0.23+sarge1/checkrestart
--- /tmp/g5kYkiIXUt/debian-goodies-0.23/checkrestart 2003-12-17 01:12:58.000000000 +0000
+++ /tmp/YvKIaILE58/debian-goodies-0.23+sarge1/checkrestart 2008-03-24 14:17:43.000000000 +0000
@@ -3,6 +3,7 @@
 import sys
 import os
 import re
+import popen2
 if os.getuid() != 0: sys.stderr.write('This program must be run as root\n')
@@ -35,10 +36,12 @@
 print "(%d distinct programs)" % len(programs)
 packages = {}
- #dpkgQuery = 'dpkg-query --search ' + ' '.join(programs.keys())
 diverted = None
- dpkgQuery = 'dpkg --search ' + ' '.join(programs.keys())
- for line in os.popen(dpkgQuery).readlines():
+ dpkgQuery = ["dpkg", "--search"]
+ dpkgQuery = dpkgQuery.append(programs.keys())
+ (stdo, stdi) = popen2.popen2(dpkgQuery)
+
+ for line in stdo:
 if line.startswith('local diversion'): continue
diff -Nru /tmp/g5kYkiIXUt/debian-goodies-0.23/debian/changelog /tmp/YvKIaILE58/debian-goodies-0.23+sarge1/debian/changelog
--- /tmp/g5kYkiIXUt/debian-goodies-0.23/debian/changelog 2004-01-15 05:10:59.000000000 +0000
+++ /tmp/YvKIaILE58/debian-goodies-0.23+sarge1/debian/changelog 2008-03-24 14:15:43.000000000 +0000
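Review bot: In the second checkrestart hunk, `dpkgQuery = dpkgQuery.append(programs.keys())` rebinds `dpkgQuery` to `None`, because `list.append` mutates the list in place and returns nothing, so `popen2.popen2(dpkgQuery)` never receives the dpkg argument list. Even without the rebinding, `append` would add the whole key list as a single nested element rather than one argument per program. Passing an argument sequence instead of a shell string is what keeps metacharacters in file names away from a shell, so the argv has to be built flat: `dpkgQuery.extend(programs.keys())`, with no reassignment. `stdi` is never used in the visible lines and could be closed right after the call. The body of the `for line in stdo:` loop continues past the end of the hunk.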
@@ -1,3 +1,13 @@
+debian-goodies (0.23+sarge1) oldstable-security; urgency=high
+
+ * Non-maintainer upload by the security team.
+ * Fix security bug that enables users to generate files in the
+ filesystem with shell metacharacters and have the checkrestart
+ script run external code (as root, since the script will only
+ run as admin). (CVE-2007-3912, closes: 440411)
+
+ -- Thijs Kinkhorst Mon, 24 Mar 2008 15:13:00 +0100
+
 debian-goodies (0.23) unstable; urgency=low
 * Man page for popbugs from Jochen Voss (Closes: