Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-0210

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file.

Related bugs and status

CVE-2012-0210 (Candidate) is related to these bugs:

Bug #933148: Please merge devscripts 2.11.4 (main) from Debian unstable (main)

Summary				In	Importance	Status
	933148	Please merge devscripts 2.11.4 (main) from Debian unstable (main)		devscripts (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://anonscm.debian....
DEBIAN: DSA-2409
UBUNTU: USN-1366-1
BID: 52029
OSVDB: 79319
SECUNIA: 47955
SECUNIA: 48039
XF: devscripts-dsc-code-ex...