1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
PublicDateAtUSN: 2011-01-06
Candidate: CVE-2010-1679
PublicDate: 2011-01-10
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679
http://www.ubuntu.com/usn/usn-1038-1
Description:
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and
1.15.x allows user-assisted remote attackers to modify arbitrary files via
directory traversal sequences in a patch for a source-format 3.0 package.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: Jakub Wilk and Raphaƫl Hertzog
Assigned-to: kees
Patches_dpkg:
upstream_dpkg: released (1.15.8.8)
dapper_dpkg: not-affected
hardy_dpkg: not-affected
karmic_dpkg: released (1.15.4ubuntu2.3)
lucid_dpkg: released (1.15.5.6ubuntu4.5)
maverick_dpkg: released (1.15.8.4ubuntu3.1)
devel_dpkg: released (1.15.8.7ubuntu2)
|