devscripts 2.12.6+deb7u2 source package in Debian
Changelog
devscripts (2.12.6+deb7u2) stable-security; urgency=high * uscan: + Repack the tarball and verify it is a compressed archive without allowing arbitrary code execution. Fixes CVE-2013-6888. + Follow tar's recommended security practices - Use --keep-old-files --no-overwrite-dir - Ensure parent directory of directory used for repacking archive isn't accessible to other users. -- James McCoy <email address hidden> Mon, 23 Dec 2013 15:24:03 -0500
Upload details
- Uploaded by:
- Devscripts Devel Team
- Uploaded to:
- Wheezy
- Original maintainer:
- Devscripts Devel Team
- Architectures:
- any
- Section:
- devel
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Wheezy | release | main | devel |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
devscripts_2.12.6+deb7u2.dsc | 2.3 KiB | af1190c241549e65a9b6ccf02195f350f615fb0c31890385e92e827d7d2ea36b |
devscripts_2.12.6+deb7u2.tar.gz | 972.3 KiB | f93e1217e9602637fc24960341bc635b995a9d6cb996c2bed7fe0d0f1e924677 |
No changes file available.