lp:ubuntu/precise-security/devscripts
- Get this branch:
- bzr branch lp:ubuntu/precise-security/devscripts
Branch merges
Branch information
Recent revisions
- 117. By Marc Deslauriers
-
* SECURITY UPDATE: directory traversal issue in uupdate
- scripts/uupdate.sh: remove symlinks before applying patches, and
restore them afterwards.
- http://anonscm. debian. org/cgit/ collab- maint/devscript s.git/commit/ ?id=0fef671
- CVE-2014-1833 - 116. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
- scripts/uscan.pl: improve tarball handling.
- 02c6850d973e3e1246fde72edab27f 03d63acc52
- 4b7e58ee6000cdefac0682601cec6e cce0137467
- CVE-2013-6888 - 115. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via insufficient validation
in dscverify
- scripts/dscverify. pl: perform better validation.
- 9fba4788933475185df5e58b7fa557 e5e3fb15e4
- CVE-2012-2240
* SECURITY UPDATE: arbitrary file deletion via insufficient validation
in dget
- scripts/dget.pl: strip invalid characters
- 0fd15bdec07b085f9ef438dacd18e1 59ac60b810
- CVE-2012-2241
* SECURITY UPDATE: file alteration via TOCTOU in annotate-output
- scripts/annotate- output. sh: prevent symlink attack.
- 4d23a5e6c90f7a37b0972b30f5d31d ce97a93eb0
- CVE-2012-3500
* REGRESSION FIX: improper exit code in CVE-2012-0212 debdiff.pl fix
- f9a1a4c468671827d2650161cc3332 4fe0247a98 - 114. By Benjamin Drung
-
* Merge from Debian unstable. Remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-keyring: not useful enough in Ubuntu; universe only.
+ equivs: too much of a hack to install by default; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "precise" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now."
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*. - 113. By Tyler Hicks
-
* Merge from Debian unstable (LP: #933148), remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-keyring: not useful enough in Ubuntu; universe only.
+ equivs: too much of a hack to install by default; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "precise" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now."
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*. - 110. By Steve Langasek
-
* Merge from Debian testing, remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-keyring: not useful enough in Ubuntu; universe only.
+ equivs: too much of a hack to install by default; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "precise" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now."
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*.
* Dropped changes, included in Debian:
- Always make mk-build-deps packages arch-dependent when --arch is
passed. - 108. By Steve Langasek
-
Always make mk-build-deps packages arch-dependent when --arch is passed,
so that it will do the right thing for a multiarch cross-build.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/devscripts