~ubuntu-branches/ubuntu/trusty/devscripts/trusty-security

Viewing all changes in revision 143.

  • Committer: Package Import Robot
  • Author(s): James McCoy, Martin Pitt, James McCoy, Salvatore Bonaccorso
  • Date: 2013-12-23 15:28:45 UTC
  • mfrom: (10.10.6 sid)
  • Revision ID: package-import@ubuntu.com-20131223152845-yv5wsbyopnnnunxp
Tags: 2.13.9
[ Martin Pitt ]
* autopkgtest: Add "allow-stderr" restriction to avoid failing tests because
  of the HTTP server log on stderr.

[ James McCoy ]
* uscan:
  + Repack the tarball and verify it is a compressed archive without
    allowing arbitrary code execution.  Fixes CVE-2013-6888.
  + Use find's -exec to call rm directly instead of piping to xargs.
    (Closes: #732006, CVE-2013-7085)
  + Follow tar's recommended security practices
    - Use --keep-old-files --no-overwrite-dir
    - Ensure parent directory of directory used for repacking archive isn't
      accessible to other users.
  + Fix handling of 'dirname' exclusions, so 'dirname/*' isn't required.

[ Salvatore Bonaccorso ]
* uscan: Fix uninitialized value warning when copyright is not in
  copyright-format 1.0.  (Closes: #732807)
