Version in base suite: 1.1-9 Version in overlay suite: 1.1-9sarge1 Base version: sing_1.1-9 Target version: sing_1.1-9sarge1 Base file: /org/ftp.debian.org/ftp/pool/main/s/sing/sing_1.1-9.dsc Target file: /org/ftp.debian.org/ftp/pool/main/s/sing/sing_1.1-9sarge1.dsc
diff -u sing-1.1/debian/changelog sing-1.1/debian/changelog
--- sing-1.1/debian/changelog
+++ sing-1.1/debian/changelog
@@ -1,3 +1,11 @@
+sing (1.1-9sarge1) oldstable; urgency=low
+
+ * Patched parser.c to drop privileges when opening log file and
+ running sing SUID. (CVE-2007-6211)
+ Thanks a lot to Nico Golde for the patch. (Closes: #454167)
+
+ -- Alberto Gonzalez Iniesta Tue, 01 Jan 2008 16:02:39 +0100
+
 sing (1.1-9) unstable; urgency=low
 * Fixed version number. Not a NMU
only in patch2:
unchanged:
--- sing-1.1.orig/parser.c
+++ sing-1.1/parser.c
@@ -75,6 +75,8 @@
 struct protoent *proto;
 static struct mi_ifaz iface;
 struct sockaddr_in *aux2;
+ uid_t user_id;
+
 static struct option options[] = {
 { "help", 0, 0, 'h' },
@@ -380,8 +382,15 @@
 break;
 case 31:
- if ( (packet->logfile = fopen(optarg, "a+")) == NULL )
- go_out_error(1, "fopen");
+ user_id = getuid();
+ uid_t tmp_id = geteuid();
+
+ seteuid(user_id);
+ if ( (packet->logfile = fopen(optarg, "a+")) == NULL )
+ go_out_error(1, "fopen");
+
+ seteuid(tmp_id);
+
 break;
 case 32:
@@ -889,4 +898,4 @@
 packet.mac_src[i] = strtol(data, (char **)NULL, 16);
 return 0;
-}
\ No newline at end of file
+}
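Review bot: Both `seteuid()` calls added under `case 31:` in parser.c ignore their return value, so if the switch to the real uid fails, `fopen(optarg, "a+")` still runs with the set-uid identity, which is the condition this change is meant to remove. Check the drop before the file is opened, for example `if (seteuid(user_id) != 0) go_out_error(1, "seteuid");`, and check the restoring `seteuid(tmp_id)` the same way so that a failure there is not silent. Only the effective uid is switched; if the binary can also be installed set-gid (not visible on this page), the effective gid would need the same treatment. The enclosing switch and function start and end outside the hunk, and `user_id` is declared in the earlier hunk while `tmp_id` is declared at the point of use; declaring both next to the calls would read more consistently.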