- Committer: Package Import Robot
- Date: 2012-02-15 03:33:36 UTC
- Revision ID: package-import@ubuntu.com-20120215033336-5hdcqgfydmy045wn
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
and .changes files
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Raphael Geissert for the original patch.
- CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
level directory of the original upstream source tarball
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Adam D. Barratt for the original patch.
- CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
arguments passed to debdiff
- scripts/debdiff.pl: Perform input sanitization on filenames. Based on
upstream patches.
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
- CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
files with extentionless filenames as packages. Thanks to Adam D. Barratt
for the original patch.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
and .changes files
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Raphael Geissert for the original patch.
- CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
level directory of the original upstream source tarball
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Adam D. Barratt for the original patch.
- CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
arguments passed to debdiff
- scripts/debdiff.pl: Perform input sanitization on filenames. Based on
upstream patches.
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
- CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
files with extentionless filenames as packages. Thanks to Adam D. Barratt
for the original patch.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 .. |
|||||||
.bzr-builddeb
|
1 | 22 years ago | Bazaar Package Importer | * debclean: don't remove .upload files (closes: #1 |
|
||
|
debian
|
1 | 22 years ago | Bazaar Package Importer | * debclean: don't remove .upload files (closes: #1 |
|
||
|
Devscripts
|
1 | 22 years ago | Bazaar Package Importer | * debclean: don't remove .upload files (closes: #1 |
|
||
|
examples
|
25 | 17 years ago | Bazaar Package Importer | * Resynchronise with Debian. Remaining changes: |
|
||
|
po4a
|
4 | 18 years ago | Bazaar Package Importer | [ Julian Gilbey ] * bts: fix forwarded command (Cl |
|
||
|
scripts
|
25 | 17 years ago | Bazaar Package Importer | * Resynchronise with Debian. Remaining changes: |
|
||
|
test
|
15 | 17 years ago | Bazaar Package Importer | * debchange: correct handling of version increment |
|
||
conf.default.in |
47 | 16 years ago | Bazaar Package Importer | * Merge from debian unstable, remaining changes: | 12 KB |
|
|
|
COPYING |
25 | 17 years ago | Bazaar Package Importer | * Resynchronise with Debian. Remaining changes: | 17.5 KB |
|
|
|
Makefile |
25 | 17 years ago | Bazaar Package Importer | * Resynchronise with Debian. Remaining changes: | 1.2 KB |
|
|
|
Makefile.common |
25 | 17 years ago | Bazaar Package Importer | * Resynchronise with Debian. Remaining changes: | 75 bytes |
|
|
|
README |
47 | 16 years ago | Bazaar Package Importer | * Merge from debian unstable, remaining changes: | 12.2 KB |
|
|
|
README.newscripts |
42 | 16 years ago | Bazaar Package Importer | * Merge from debian unstable, remaining changes: | 649 bytes |
|
|