devscripts 2.12.6+deb7u2 source package in Debian
Changelog
devscripts (2.12.6+deb7u2) stable-security; urgency=high
* uscan:
+ Repack the tarball and verify it is a compressed archive without
allowing arbitrary code execution. Fixes CVE-2013-6888.
+ Follow tar's recommended security practices
- Use --keep-old-files --no-overwrite-dir
- Ensure parent directory of directory used for repacking archive isn't
accessible to other users.
-- James McCoy <email address hidden> Mon, 23 Dec 2013 15:24:03 -0500
Upload details
- Uploaded by:
- Devscripts Devel Team
- Uploaded to:
- Wheezy
- Original maintainer:
- Devscripts Devel Team
- Architectures:
- any
- Section:
- devel
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Wheezy | release | main | devel |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| devscripts_2.12.6+deb7u2.dsc | 2.3 KiB | af1190c241549e65a9b6ccf02195f350f615fb0c31890385e92e827d7d2ea36b |
| devscripts_2.12.6+deb7u2.tar.gz | 972.3 KiB | f93e1217e9602637fc24960341bc635b995a9d6cb996c2bed7fe0d0f1e924677 |
No changes file available.
