[ddh-sys] apt-listchanges: changelogs for less

root root at ddh.nl
Thu Mar 11 09:04:26 CET 2010


dpkg (1.14.29) stable-security; urgency=high

  * Modify dpkg-source to error out when it would apply patches containing
    insecure paths (with "/../") and also error out when it would apply a
    patch through a symlink. Those checks are required as patch will happily
    modify files outside of the target directory and unpacking a source package
    should not be able to have any side-effect outside of the target
    directory. Fixes CVE-2010-0396.
  * Also error out when the quilt series contains a path with "/../" as this
    can cause patch to create files outside of the source package due
    to the -B .pc/$path option that it gets.

 -- Raphael Hertzog <hertzog at debian.org>  Fri, 05 Mar 2010 22:25:05 +0100
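
The first changelog item describes two pre-application checks: reject patch paths containing "/../" and reject targets reached through a symlink. The sketch below is an added illustration of that kind of check, not dpkg-source's own code (which is Perl). The function names, the sample patch and the `strip=1` default are assumptions, and it goes slightly further than the changelog by rejecting any ".." path component.

```python
import os
import tempfile

# Constructed sample patch: one ordinary file, one "/../" path, one path via a symlink.
SAMPLE_PATCH = """\
--- a/src/main.c
+++ b/src/main.c
@@ -0,0 +1 @@
+x
--- a/debian/../../escape.txt
+++ b/debian/../../escape.txt
@@ -0,0 +1 @@
+x
--- a/link/target.txt
+++ b/link/target.txt
@@ -0,0 +1 @@
+x
"""

def patch_targets(patch_text):
    """Paths from adjacent '---'/'+++' header pairs of a unified diff."""
    lines = patch_text.splitlines()
    found = []
    for old, new in zip(lines, lines[1:]):
        if old.startswith("--- ") and new.startswith("+++ "):
            found += [h[4:].split("\t")[0].strip() for h in (old, new)]
    return [p for p in found if p != "/dev/null"]

def check_path(root, path, strip=1):
    """Return why `path` is unsafe to patch under `root`, or None if it is fine."""
    parts = path.split("/")
    if ".." in parts:  # covers "/../" plus a leading or trailing ".."
        return "insecure path"
    current = root
    for comp in parts[strip:]:  # walk the path the way patch -p<strip> would
        current = os.path.join(current, comp)
        if os.path.islink(current):  # refuse to write through a symlink
            return "symlink"
    return None

def audit_patch(root, patch_text, strip=1):
    """Map each unsafe target path to the reason it was rejected."""
    checked = {p: check_path(root, p, strip) for p in patch_targets(patch_text)}
    return {p: r for p, r in checked.items() if r}

def demo():
    with tempfile.TemporaryDirectory() as root:  # constructed source tree
        os.mkdir(os.path.join(root, "src"))
        os.symlink(tempfile.gettempdir(), os.path.join(root, "link"))
        return audit_patch(root, SAMPLE_PATCH)
```

The header matching is deliberately conservative: a removed line that happens to start with "-- " can be read as a header, which errs toward flagging rather than missing a path.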



