Package "devscripts"
Name: |
devscripts
|
Description: |
scripts to make the life of a Debian Package maintainer easier
|
Latest version: |
2.11.6ubuntu1.7 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
main |
Links
Download "devscripts"
Other versions of "devscripts" in Precise
Changelog
devscripts (2.11.6ubuntu1.7) precise-security; urgency=medium
* SECURITY UPDATE: directory traversal issue in uupdate
- scripts/uupdate.sh: remove symlinks before applying patches, and
restore them afterwards.
- http://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=0fef671
- CVE-2014-1833
-- Marc Deslauriers <email address hidden> Mon, 15 Jun 2015 13:15:39 -0400
|
Source diff to previous version |
CVE-2014-1833 |
Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, rel |
|
devscripts (2.11.6ubuntu1.6) precise-security; urgency=low
* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
- scripts/uscan.pl: improve tarball handling.
- 02c6850d973e3e1246fde72edab27f03d63acc52
- 4b7e58ee6000cdefac0682601cec6ecce0137467
- CVE-2013-6888
-- Marc Deslauriers <email address hidden> Fri, 10 Jan 2014 13:02:15 -0500
|
Source diff to previous version |
CVE-2013-6888 |
Uscan in devscripts before 2.13.9 allows remote attackers to execute ... |
|
devscripts (2.11.6ubuntu1.4) precise-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via insufficient validation
in dscverify
- scripts/dscverify.pl: perform better validation.
- 9fba4788933475185df5e58b7fa557e5e3fb15e4
- CVE-2012-2240
* SECURITY UPDATE: arbitrary file deletion via insufficient validation
in dget
- scripts/dget.pl: strip invalid characters
- 0fd15bdec07b085f9ef438dacd18e159ac60b810
- CVE-2012-2241
* SECURITY UPDATE: file alteration via TOCTOU in annotate-output
- scripts/annotate-output.sh: prevent symlink attack.
- 4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0
- CVE-2012-3500
* REGRESSION FIX: improper exit code in CVE-2012-0212 debdiff.pl fix
- f9a1a4c468671827d2650161cc33324fe0247a98
-- Marc Deslauriers <email address hidden> Wed, 26 Sep 2012 14:49:27 -0400
|
CVE-2012-2240 |
dscverify arbitrary code execution |
CVE-2012-2241 |
dget arbitrary file deletion |
CVE-2012-3500 |
annotate-output temp files handling |
CVE-2012-0212 |
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in |
|
About
-
Send Feedback to @ubuntu_updates