Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 25 Apr 2014 05:01:27 +0200
Source: dpkg
Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect
Architecture: source amd64 all
Version: 1.15.9
Distribution: squeeze-security
Urgency: high
Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
Changed-By: Guillem Jover <guil...@debian.org>
Description:
dpkg - Debian package management system
dpkg-dev - Debian package development tools
dselect - Debian package management front-end
libdpkg-dev - Debian package management static library
libdpkg-perl - Dpkg perl modules
Changes:
dpkg (1.15.9) squeeze-security; urgency=high
.
* Correctly parse C-style diff filenames in Dpkg::Source::Patch, to avoid
directory traversal attempts from hostile source packages when unpacking
them. Reported by Jakub Wilk <jw...@debian.org>. Fixes CVE-2014-0471.
Checksums-Sha1:
559bf5559996557780773d17fe2cbf126a616d0b 1840 dpkg_1.15.9.dsc
b5936fec5b061626ce3af4f892b2518d7a4461ff 5264201 dpkg_1.15.9.tar.bz2
969f64bcd6a257ca4d13f20cb5e94c119338f7c3 438328 libdpkg-dev_1.15.9_amd64.deb
c099a845c19f76e16a74480d44cb4970cfb79207 2399516 dpkg_1.15.9_amd64.deb
a6794b4f7e9cdfc10b286a28de87fdefa24daf53 906994 dselect_1.15.9_amd64.deb
60ffbc091b6fbaa0cbe7c71dbc6a8f48a33d1647 813366 dpkg-dev_1.15.9_all.deb
67ce1e2c6433e348f982cda80561bf68637814f1 695760 libdpkg-perl_1.15.9_all.deb
Checksums-Sha256:
0350182ad3dc207caa5c0aa61bfb378acc4a4b404b820b3f0f3bfda0c95e9f1c 1840
dpkg_1.15.9.dsc
00a8239e3738fb60e5a0b8c17407554bb4190343a026b0e6e516827ff541bd4c 5264201
dpkg_1.15.9.tar.bz2
47808b122034fef94ac9a459fc29780768ae3ce3f1cbe14d440cf86242daf1a7 438328
libdpkg-dev_1.15.9_amd64.deb
af7d54199b7a704cb87fe95d12da4336a3503395f44d7bc2412ed2f9c43f8272 2399516
dpkg_1.15.9_amd64.deb
43185f417f26402c20126dca0dacf31320c6e685a23060956768c67ef3a52f90 906994
dselect_1.15.9_amd64.deb
a86b0b787475081f35f8849ebc58c00aa2a207ed43031fabb127f01701d4d436 813366
dpkg-dev_1.15.9_all.deb
24f733481aece5648ca83f4f8c94bd7a872cc07fa781609c7bf4b931dca9c526 695760
libdpkg-perl_1.15.9_all.deb
Files:
40bcf3436605b4e3abebb6ef9b3f6b29 1840 admin required dpkg_1.15.9.dsc
ff6dcc82c7c2a3da1c5ad2917149a210 5264201 admin required dpkg_1.15.9.tar.bz2
59f68d9e76edca7725c9b3f47f165344 438328 libdevel optional
libdpkg-dev_1.15.9_amd64.deb
de6729cebd3d6942eed699e8fec0c760 2399516 admin required dpkg_1.15.9_amd64.deb
a222a38c39273397b565a44fc74c3244 906994 admin optional dselect_1.15.9_amd64.deb
3f131e088737ae8e34c12cb6ce75e2ce 813366 utils optional dpkg-dev_1.15.9_all.deb
c63dcd57b4071901297a4a8ee300448e 695760 perl optional
libdpkg-perl_1.15.9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCAAGBQJTWdqQAAoJELlyvz6krlejLgQQAMSd0FuWP8J+Cfum66nymx07
UfM4eKXxc4QLkVABr72L7jD2l5haI/3ZXNW+K/tVFUK0lB1AusUqoPl0yULpKJri
VBcNoXeCqYyM1rJVyYWurqbJ5gTqe12i9mxx2eVhHo+ZI9gJ4HjO1NPk+VXqDoCi
9NiSG3YfnqJWffHxqIgHUX9DFTSzTQCBbO1jHdwyB7GJBPKbBhFg9a3gUZb6ec0+
N0iKckhtYuiroVyKF1VnSTHhGnIo3mEydPWLd61N1CBm4ToqFrLwegPHNTcnr2iw
ysO/9egujK5TYo/Tfb0DN0hsFDBlXxd6NBsPsZBfXQ6y76xFQfAoL5UxxsMGV52S
wGaqsYEWd41kzJJq+f70i/jsvOd3qDzOTIHogSgx5WFNHP6x/sK88nOFqvGBqL20
peVbDHUgT/c7uLimx+AKeOKBgdiSC43Y6hnDZH7ydq6VmSt2ahgsRMSwK+FurjPa
qgIv1WXjXw0yJpU3Jib5B/2gCoEO5IV+rmPexSAdf6NZcCTufmUDH5ZDNoJmkd0p
HlnSvnKl2q0NP/gCLUhCe3cot5xTZbGy8a4OiBUhs77sWM5sl1eYCmYWV7Wq6E39
Cvg+N2VmvIF2dLfQY0MxVP7O9Oq2QGx56L+qtfSKGMUn9kIFnt++Bo9aeqjGGINB
6VkupOovjapwobnO1WeD
=7F1P
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
--
To UNSUBSCRIBE, email to debian-dpkg-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1wiacc-0001rp...@franck.debian.org
