devscripts 2.13.9 source package in Debian

Changelog

devscripts (2.13.9) unstable; urgency=low


  [ Martin Pitt ]
  * autopkgtest: Add "allow-stderr" restriction to avoid failing tests because
    of the HTTP server log on stderr.

  [ James McCoy ]
  * uscan:
    + Repack the tarball and verify it is a compressed archive without
      allowing arbitrary code execution.  Fixes CVE-2013-6888.
    + Use find's -exec to call rm directly instead of piping to xargs.
      (Closes: #732006, CVE-2013-7085)
    + Follow tar's recommended security practices
      - Use --keep-old-files --no-overwrite-dir
      - Ensure parent directory of directory used for repacking archive isn't
        accessible to other users.
    + Fix handling of 'dirname' exclusions, so 'dirname/*' isn't required.

  [ Salvatore Bonaccorso ]
  * uscan: Fix unitialized value warning when copyright is not in
    copyright-format 1.0.  (Closes: #732807)

 -- James McCoy <email address hidden>  Mon, 23 Dec 2013 15:28:45 -0500

Upload details

Uploaded by:
Devscripts Devel Team
Uploaded to:
Sid
Original maintainer:
Devscripts Devel Team
Architectures:
any
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
devscripts_2.13.9.dsc 2.1 KiB db88d5279c8141ac79a40746c930230dfe592d101d3e9bff7bb1d9fe2125893b
devscripts_2.13.9.tar.xz 565.1 KiB 78e63e02ecd204ca8157693dc5969eddaf1312d26b572f5dd6ab646ef674c916

Available diffs

No changes file available.

Binary packages built by this source