lp:ubuntu/natty-security/devscripts
- Get this branch:
- bzr branch lp:ubuntu/natty-security/devscripts
Branch merges
Branch information
Recent revisions
- 100. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via insufficient validation
in dscverify
- scripts/dscverify. pl: perform better validation.
- 22881936e53e6b585d3dc60f3161e9 d704c5138d
- CVE-2012-2240
* SECURITY UPDATE: arbitrary file deletion via insufficient validation
in dget
- scripts/dget.pl: strip invalid characters.
- 79d27778321f7bb778097cfb7a724a e976fb4fbd
- CVE-2012-2241
* SECURITY UPDATE: arbitrary code execution via improper argument
escaping in dget
- scripts/dget.pl: escape $file better, and call system() with proper
arguments.
- db49f493baaac2387a4dd76370c101 8109e31dfc
- CVE-2012-2242
* SECURITY UPDATE: file alteration via TOCTOU in annotate-output
- scripts/annotate- output. sh: prevent symlink attack.
- 1bbe2163987c53064a4cd57712927f 4b06c01032
- CVE-2012-3500
* REGRESSION FIX: improper exit code in CVE-2012-0212 debdiff.pl fix
- 252a42d225f489e398f3c0402c1f7d 1e9a4451c0 - 99. By Tyler Hicks
-
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
and .changes files
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Raphael Geissert for the original patch.
- CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
level directory of the original upstream source tarball
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Adam D. Barratt for the original patch.
- CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
arguments passed to debdiff
- scripts/debdiff.pl: Perform input sanitization on filenames. Based on
upstream patches.
- http://anonscm. debian. org/gitweb/ ?p=devscripts/ devscripts. git;a=commitdif f;h=87f88232eb6 43f0c118c6ba38d b8e966915b450f
- http://anonscm. debian. org/gitweb/ ?p=devscripts/ devscripts. git;a=commitdif f;h=76227af1ee8 d68f4844f642325 eac903ca21e739
- CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
files with extentionless filenames as packages. Thanks to Adam D. Barratt
for the original patch.
- http://bugs.debian. org/cgi- bin/bugreport. cgi?bug= 659559 - 97. By Matthias Klose
-
* Merge with Debian; remaining changes:
- see 2.10.68ubuntu1.
- Default to "natty" as distribution. - 95. By Loïc Minier
-
* Merge from Debian unstable; remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
+ debian-{keyring, maintainers} : not useful enough in Ubuntu; universe
only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "maverick" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- scripts/debcommit. pl: support commiting to bzr from debian/.
- scripts/debsign. {sh,1}: Implement DEBSIGN_ ALWAYS_ RESIGN variable to skip
the "Would you like to use the current signature?" question. (Debian
#447955)
- scripts/debuild.pl: Enforce Ubuntu merge policy.
- scripts/dscverify. pl: Add Ubuntu keyrings.
- scripts/rmadison. pl: Change default URL parameter to ubuntu.
- Add test/debchange.pl, test/Makefile: debchange test suite; call it
during build in debian/rules. Also add lsb-release build dependency for
this, so that debchange uses Ubuntu mode.
* scripts/debchange. pl: Move declaration of $opt_distributor before
.devscripts / environment parsing. - 94. By Loïc Minier
-
* debchange: Add support for DEBCHANGE_
DISTRIBUTOR config.
* debchange.1: document --distributor and DEBCHANGE_DISTRIBUTOR. - 93. By Benjamin Drung
-
* Merge from Debian unstable; remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
+ debian-{keyring, maintainers} : not useful enough in Ubuntu; universe
only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= to override lsb_release output.
+ Default to "maverick" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- scripts/debcommit. pl: support commiting to bzr from debian/.
- scripts/debsign. {sh,1}: Implement DEBSIGN_ ALWAYS_ RESIGN variable to skip
the "Would you like to use the current signature?" question. (Debian
#447955)
- scripts/debuild.pl: Enforce Ubuntu merge policy.
- scripts/dscverify. pl: Add Ubuntu keyrings.
- scripts/rmadison. pl: Change default URL parameter to ubuntu.
- Add test/debchange.pl, test/Makefile: debchange test suite; call it
during build in debian/rules. Also add lsb-release build dependency for
this, so that debchange uses Ubuntu mode.
* Add natty as an allowable distribution for Ubuntu (Closes: #593659). - 92. By أحمد المحمودي (Ahmed El-Mahmoudy)
-
* Merge from Debian unstable (LP: #614674); remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay- perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ libsoap-lite-perl: only needed for one less common command ("select")
for bts, which isn't useful for Ubuntu itself, and pulls in a lot of
other universe Perl libraries; universe only.
+ debian-{keyring, maintainers} : not useful enough in Ubuntu; universe
only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange. {pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= to override lsb_release output.
+ Default to "maverick" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- scripts/debcommit. pl: support commiting to bzr from debian/.
- scripts/debsign. {sh,1}: Implement DEBSIGN_ ALWAYS_ RESIGN variable to skip
the "Would you like to use the current signature?" question. (Debian
#447955)
- scripts/debuild.pl: Enforce Ubuntu merge policy.
- scripts/dscverify. pl: Add Ubuntu keyrings.
- scripts/rmadison. pl: Change default URL parameter to ubuntu.
- Add test/debchange.pl, test/Makefile: debchange test suite; call it
during build in debian/rules. Also add lsb-release build dependency for
this, so that debchange uses Ubuntu mode.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/devscripts