Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-0212

debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument.

Related bugs and status

CVE-2012-0212 (Candidate) is related to these bugs:

Bug #933148: Please merge devscripts 2.11.4 (main) from Debian unstable (main)

Summary				In	Importance	Status
	933148	Please merge devscripts 2.11.4 (main) from Debian unstable (main)		devscripts (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://anonscm.debian....
DEBIAN: DSA-2409
UBUNTU: USN-1366-1
BID: 52029
OSVDB: 79322
SECUNIA: 47955
SECUNIA: 48039
UBUNTU: USN-1593-1
XF: devscripts-debdiff-cod...