diff --git a/package/base/texinfo/texinfo-4.9-tempfile_fix-1.patch b/package/base/texinfo/texinfo-4.9-tempfile_fix-1.patch
new file mode 100644
index 000000000..b401ed088
--- /dev/null
+++ b/package/base/texinfo/texinfo-4.9-tempfile_fix-1.patch
@@ -0,0 +1,82 @@
+Copied from www.linuxfromscratch.org to ROCK Linux.
+
+Updated By: Bruce Dubbs (bdubbs -aT- linuxfromscratch -DoT- org)
+Date: 2005-12-12
+Submitted By: Archaic (archaic -aT- linuxfromscratch -DoT- org)
+Date: 2005-10-08
+Initial Package Version: 4.8
+Origin: http://gentoo.kems.net/gentoo-portage/sys-apps/texinfo/files/texinfo-4.8-tempfile.patch
+Upstream Status: A few patches are floating around in Debian BZ #328365 of which
+ upstream hasn't made a full commitment on yet.
+Description: (CAN-2005-3011) texindex in texinfo 4.8 and earlier allows local
+ users to overwrite arbitrary files via a symlink attack on
+ temporary files.
+Update: Changed to not pass a constant string to mktemp().
+
+diff -Naur texinfo-4.9.orig/util/texindex.c texinfo-4.9/util/texindex.c
+--- texinfo-4.9.orig/util/texindex.c 2007-07-23 07:11:38.000000000 -0400
++++ texinfo-4.9/util/texindex.c 2007-07-23 07:11:49.000000000 -0400
+@@ -99,6 +99,9 @@
+ /* Directory to use for temporary files. On Unix, it ends with a slash. */
+ char *tempdir;
+ 
++/* Basename for temp files inside of tempdir. */
++char *tempbase;
++
+ /* Number of last temporary file. */
+ int tempcount;
+ 
+@@ -153,6 +156,7 @@
+ main (int argc, char **argv)
+ {
+ int i;
++ char template[]="txidxXXXXXX";
+ 
+ tempcount = 0;
+ last_deleted_tempcount = 0;
+@@ -190,6 +194,11 @@
+ 
+ decode_command (argc, argv);
+ 
++ /* XXX mkstemp not appropriate, as we need to have somewhat predictable
++ * names. But race condition was fixed, see maketempname.
++ */
++ tempbase = mktemp (template);
++
+ /* Process input files completely, one by one.  */
+ 
+ for (i = 0; i < num_infiles; i++)
+@@ -390,21 +399,21 @@
+ static char *
+ maketempname (int count)
+ {
+- static char *tempbase = NULL;
+ char tempsuffix[10];
+-
+- if (!tempbase)
+- {
+- int fd;
+- tempbase = concat (tempdir, "txidxXXXXXX");
+-
+- fd = mkstemp (tempbase);
+- if (fd == -1)
+- pfatal_with_name (tempbase);
+- }
++ char *name, *tmp_name;
++ int fd;
+ 
+ sprintf (tempsuffix, ".%d", count);
+- return concat (tempbase, tempsuffix);
++ tmp_name = concat (tempdir, tempbase);
++ name = concat (tmp_name, tempsuffix);
++ free(tmp_name);
++
++ fd = open (name, O_CREAT|O_EXCL|O_WRONLY, 0600);
++ if (fd == -1)
++ pfatal_with_name (name);
++
++ close(fd);
++ return name;
+ }
+ 
+ 
diff --git a/package/base/texinfo/texinfo.conf b/package/base/texinfo/texinfo.conf
index ff11ff742..b769706e5 100644
--- a/package/base/texinfo/texinfo.conf
+++ b/package/base/texinfo/texinfo.conf
@@ -1,3 +1,4 @@
+#!/bin/bash
 # --- ROCK-COPYRIGHT-NOTE-BEGIN ---
 #
 # This copyright note is auto-generated by ./scripts/Create-CopyPatch.
@@ -24,7 +25,6 @@ no_doc_info_subdirs() {
 sed -i '/^SUBDIRS/ { s/\bdoc\b//; s/\binfo\b//; }' Makefile
 }
-if [ $stagelevel -le 1 ] ; then
+if [ $stagelevel -le 2 ] ; then
 premake=no_doc_info_subdirs
 fi
-
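Review bot: In the texindex.c patch this file carries, `maketempname` creates the file with `O_CREAT|O_EXCL` but then does `close(fd); return name;`, so the exclusive-create guarantee holds only at that instant and the callers (not visible here) presumably reopen the path by name. That reopen is safe only when no other user can unlink or rename entries in `tempdir` (a sticky or private directory), which is worth stating at the `open` call: `/* Created exclusively, reopened by name later; assumes tempdir is sticky or private. */`. The result of `mktemp (template)` in `main` is also used unchecked, and because the template has no directory part its existence probe runs against the current directory rather than `tempdir`; a guard such as `if (!tempbase || !*tempbase) pfatal_with_name ("mktemp");` would catch a failed call. `main` continues outside the embedded hunks, so whether `tempdir` is already set at that point cannot be confirmed from here.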