UbuntuUpdates.org

Package "libdpkg-dev"

Name: libdpkg-dev

Description:

Debian package management static library

Latest version: 1.17.5ubuntu5.6
Release: trusty (14.04)
Level: security
Repository: main
Head package: dpkg
Homepage: https://wiki.debian.org/Teams/Dpkg

Links


Download "libdpkg-dev"


Other versions of "libdpkg-dev" in Trusty

Repository Area Version
base main 1.17.5ubuntu5
updates main 1.17.5ubuntu5.8

Changelog

Version: 1.17.5ubuntu5.6 2016-04-26 05:06:31 UTC

  dpkg (1.17.5ubuntu5.6) trusty; urgency=medium

  * dpkg-maintscript-helper: s/exit/return/ in subshells (LP: #1574285)

 -- Adam Conrad <email address hidden> Mon, 25 Apr 2016 12:44:01 -0600

Source diff to previous version
1574285 dpkg-maintscript-helper: prepare_dir_to_symlink can never succeed

Version: 1.17.5ubuntu5.5 2015-11-26 19:06:30 UTC

  dpkg (1.17.5ubuntu5.5) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - dpkg-deb/extract.c: Fix off-by-one write access on versionbuf
      variable.
    - dpkg-deb/extract.c: Fix off-by-one write access on ctrllenbuf
      variable. (CVE-2015-0860)
    - lib/dpkg/ar.c: Fix an off-by-one read access in ar member name
      variable.
    - Thanks to Guillem Jover and Hanno Böck for the patches!

 -- Marc Deslauriers Thu, 26 Nov 2015 07:57:34 -0500

Source diff to previous version
CVE-2015-0860 off-by-one write access in dpkg-deb

Version: 1.17.5ubuntu5.4 2015-04-09 20:06:41 UTC

  dpkg (1.17.5ubuntu5.4) trusty-security; urgency=medium

  * SECURITY UPDATE: OpenPGP Armor Header Line parsing issue
    - scripts/Dpkg/Control/HashCore.pm: adjust whitespace parsing.
    - scripts/Makefile.*, scripts/t/700_Dpkg_Control.t,
      scripts/t/700_Dpkg_Control/bogus-armor-formfeed.dsc: added tests.
    - Patch thanks to Guillem Jover
    - CVE-2015-0840
 -- Marc Deslauriers <email address hidden> Thu, 09 Apr 2015 08:41:39 -0400

Source diff to previous version

Version: 1.17.5ubuntu5.3 2014-06-10 12:06:55 UTC

  dpkg (1.17.5ubuntu5.3) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary file modification via dpkg-source
    - scripts/Dpkg/Source/Patch.pm: Use a better regex for patch header
      parsing
    - 5348cbc981a65c3c9b05bb4d13553bda930c2d78
    - CVE-2014-3864
    - CVE-2014-3865
 -- Marc Deslauriers <email address hidden> Mon, 09 Jun 2014 12:34:57 -0400

Source diff to previous version
CVE-2014-3864 Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 ...
CVE-2014-3865 Multiple directory traversal vulnerabilities in dpkg-source in ...

Version: 1.17.5ubuntu5.2 2014-05-01 15:07:08 UTC

  dpkg (1.17.5ubuntu5.2) trusty-security; urgency=medium

  * SECURITY UPDATE: directory traversal in dpkg-source
    - scripts/Dpkg/Source/Patch.pm: outright reject C-style filenames in
      patches
    - a12eb58959d0a10584a428f4a3103a49204c410f
    - CVE-2014-0471
 -- Marc Deslauriers <email address hidden> Thu, 01 May 2014 07:59:19 -0400

CVE-2014-0471 dpkg-source: directory traversal during unpack



About   -   Send Feedback to @ubuntu_updates