Ubuntu
devscripts package

Branches for Maverick

Name Status Last Modified Last Commit
lp:ubuntu/maverick/devscripts bug 2 Mature 2010-08-24 15:20:58 UTC
93. * Merge from Debian unstable; remaini...

Author: Benjamin Drung
Revision Date: 2010-08-20 03:39:01 UTC

* Merge from Debian unstable; remaining changes:
  - Demote Recommends to Suggests:
    + libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
      download sites), wasn't installed by default in previous releases
      either, and seems quite dead upstream; universe only.
    + libsoap-lite-perl: only needed for one less common command ("select")
      for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
      other universe Perl libraries; universe only.
    + debian-{keyring,maintainers}: not useful enough in Ubuntu; universe
      only.
    + equivs: too much of a hack to install by default; universe only.
    + libyaml-syck-perl: transition-check is fairly Debian-specific.
  - scripts/debchange.{pl,1}:
    + Adjust --security template for Ubuntu.
    + Add -U/--upstream flag that forces original "just increment
      the end" behaviour; Ubuntu is upstream for some pieces of software.
    + Add --distributor= to override lsb_release output.
    + Default to "maverick" as distribution.
    + Add "ubuntu1" to version string for new versions, with tweaks for
      special cases.
    + Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
    + Don't use the last distribution in debian/changelog when doing
      "dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
      doesn't mean that's the right thing to do now." Thanks to Colin
      Watson. (LP: #429288)
  - scripts/debcommit.pl: support commiting to bzr from debian/.
  - scripts/debsign.{sh,1}: Implement DEBSIGN_ALWAYS_RESIGN variable to skip
    the "Would you like to use the current signature?" question. (Debian
    #447955)
  - scripts/debuild.pl: Enforce Ubuntu merge policy.
  - scripts/dscverify.pl: Add Ubuntu keyrings.
  - scripts/rmadison.pl: Change default URL parameter to ubuntu.
  - Add test/debchange.pl, test/Makefile: debchange test suite; call it
    during build in debian/rules. Also add lsb-release build dependency for
    this, so that debchange uses Ubuntu mode.
* Add natty as an allowable distribution for Ubuntu (Closes: #593659).
lp:ubuntu/maverick-security/devscripts 2 Mature 2012-02-15 17:59:00 UTC
94. * SECURITY UPDATE: Arbitrary code exe...

Author: Tyler Hicks
Revision Date: 2012-02-15 03:33:42 UTC

* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
  and .changes files
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Raphael Geissert for the original patch.
  - CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
  level directory of the original upstream source tarball
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Adam D. Barratt for the original patch.
  - CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
  arguments passed to debdiff
  - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
    upstream patches.
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
  - CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
  files with extentionless filenames as packages. Thanks to Adam D. Barratt
  for the original patch.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
lp:ubuntu/maverick-updates/devscripts 2 Mature 2012-02-15 18:09:24 UTC
94. * SECURITY UPDATE: Arbitrary code exe...

Author: Tyler Hicks
Revision Date: 2012-02-15 03:33:42 UTC

* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
  and .changes files
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Raphael Geissert for the original patch.
  - CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
  level directory of the original upstream source tarball
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Adam D. Barratt for the original patch.
  - CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
  arguments passed to debdiff
  - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
    upstream patches.
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
  - CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
  files with extentionless filenames as packages. Thanks to Adam D. Barratt
  for the original patch.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
13 of 3 results FirstPreviousNextLast