diff -ur kdelibs-3.5.10/kinit/lnusertemp.c kdelibs-3.5.10-CVE-2015-7543/kinit/lnusertemp.c

--- kdelibs-3.5.10/kinit/lnusertemp.c	2007-05-14 09:52:34.000000000 +0200

+++ kdelibs-3.5.10-CVE-2015-7543/kinit/lnusertemp.c	2015-12-10 10:04:02.934321515 +0100

@@ -178,7 +178,11 @@

      if (result == 0) return 0; /* Success */

      unlink(kde_tmp_dir);

      strncat(user_tmp_dir, "XXXXXX", PATH_MAX - strlen(user_tmp_dir));

+#if 0

      mktemp(user_tmp_dir); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */

+#else

+     if (mkdtemp(user_tmp_dir)==0) return 1; /*JOWENN: isn't that the better solution ?? */

+#endif

      return create_link(kde_tmp_dir, user_tmp_dir);

   }

   if ((result == -1) || (!S_ISLNK(stat_buf.st_mode)))

@@ -204,14 +208,22 @@

      if (result == 0) return 0; /* Success */

      unlink(kde_tmp_dir);

      strncat(user_tmp_dir, "XXXXXX", PATH_MAX - strlen(user_tmp_dir));

+#if 0

      mktemp(user_tmp_dir); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */

+#else

+     if (mkdtemp(user_tmp_dir)==0) return 1; /*JOWENN: isn't that the better solution ?? */

+#endif

      return create_link(kde_tmp_dir, user_tmp_dir);

   }

   result = check_tmp_dir(tmp_buf);

   if (result == 0) return 0; /* Success */

   unlink(kde_tmp_dir);

   strncat(user_tmp_dir, "XXXXXX", PATH_MAX - strlen(user_tmp_dir));

+#if 0

   mktemp(user_tmp_dir); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */

+#else

+     if (mkdtemp(user_tmp_dir)==0) return 1; /*JOWENN: isn't that the better solution ?? */

+#endif

   return create_link(kde_tmp_dir, user_tmp_dir);

 }