Changelog
dpkg (1.15.8.8) unstable; urgency=low
[ Guillem Jover ] * Truncate the output part file on “dpkg-split -s”. Regression introduced with the C rewrite. [ Updated man page translations ] * Two typos fixed in French (Christian Perrier, thanks to Julien Valroff). [ Raphaël Hertzog ] * Fix multiple security issues with dpkg-source (CVE-2010-1679): - Enhance checks to catch maliciously crafted patches which could modify files outside of the unpacked source package. - Do not consider a top-level symlink like a directory when extracting a tarball. - Exclude .pc while extracting the upstream tarball in 3.0 (quilt) as patch blindly writes in that directory during unpack (and would follow any existing symlink). -- Raphaël Hertzog <email address hidden> Thu, 06 Jan 2011 21:04:33 +0100
