Bug#774716: paxtar: directory traversal vulnerabilities

Package: pax Version: 1:20140703-2 Tags: security paxtar is susceptible to directory traversal vulnerabilities. They can be exploited by a rogue archive to write files outside the current directory. 1. paxtar will extract files with .. components in names. For example, let's create a sample

Bug#774716: paxtar: directory traversal vulnerabilities

Alexander Cherepanov dixit: > 1. paxtar will extract files with .. components in names. > 2. While extracting an archive, it will extract symlinks and then follow them > if they are referenced in further entries. Please check if any of these are required by POSIX and, if not, report this bug to

Bug#711685: marked as done (pbbuttonsd is not rewritten for kernel 3.2)

Your message dated Tue, 06 Jan 2015 09:34:33 + with message-id and subject line Bug#711685: fixed in pbbuttonsd 0.7.9-4 has caused the Debian Bug report #711685, regarding pbbuttonsd is not rewritten for kernel 3.2 to be marked as done. This means that you claim that the problem has been deal

pbbuttonsd_0.7.9-4_powerpc.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 06 Jan 2015 10:12:35 +0100 Source: pbbuttonsd Binary: pbbuttonsd pbbuttonsd-dev Architecture: source powerpc Version: 0.7.9-4 Distribution: unstable Urgency: low Maintainer: Debian QA Group Changed-By: Mathieu Malat

Processing of pbbuttonsd_0.7.9-4_powerpc.changes

pbbuttonsd_0.7.9-4_powerpc.changes uploaded successfully to localhost along with the files: pbbuttonsd_0.7.9-4.dsc pbbuttonsd_0.7.9-4.debian.tar.gz pbbuttonsd_0.7.9-4_powerpc.deb pbbuttonsd-dev_0.7.9-4_powerpc.deb Greetings, Your Debian queue daemon (running on host franck.debian.