[ubuntu/lucid] lintian 2.3.2ubuntu1 (Accepted)
Kees Cook
kees at ubuntu.com
Thu Jan 28 07:15:15 GMT 2010
lintian (2.3.2ubuntu1) lucid; urgency=low
* Merge with Debian testing; remaining changes:
- Don't warn about a symlinked changelog file in Ubuntu due to CDBS.
lintian (2.3.2) unstable; urgency=high
* Summary of tag changes:
+ Added:
- conflicting-negation-in-source-relation
* checks/{control-files,files,menu-format,menus}:
+ [RG] Fix CVE-2009-4014: format string vulnerabilities.
* checks/{fields,patch-systems}:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
* checks/{files,patch-systems,po-debconf}:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* checks/changelog-file:
+ [RA] Avoid Perl warning when the NEWS file ends immediately after
the most recent entry. (Closes: #563585)
* checks/copyright-file:
+ [RA] Relax the regex for matching dh-make-perl boilerplate to catch
the current text. Thanks, gregor herrmann. (Closes: #563571)
* checks/fields{,.desc}:
+ [RA] Reject "all" and "any" in architecture qualifications for build
dependencies. Thanks, Jonathan Yu.
+ [RA] Warn if some architectures in a build relation are negated and
others are not.
* checks/files.desc:
+ [JP] Fix outdated reference in file-in-usr-lib-site-python.
* checks/infofiles:
+ [RA] Pass LOCPATH to subprocesses.
+ [ADB] Don't flag info files with filenames of info-N.gz as having an
incorrect extension if N contains multiple digits. (Closes: #564900)
* checks/manpages:
+ [RA] Pass LOCPATH to subprocesses.
* collection/objdump-info:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* collection/source-control-file:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
* data/output/manual-references:
+ [JP] Refresh reference data against Policy 3.8.3, doc-base 0.9.5,
developers-reference 3.4.3, and Python Policy 0.9.0.
* debian/control:
+ [RA] Depend on locales.
* debian/prerm:
+ [RA] Remove /var/lib/lintian/locale on any removal except upgrades.
* debian/postinst:
+ [RA] Generate an en_US.UTF-8 locale in /var/lib/lintian/locale for
use for tests, particularly man page tests. (Closes: #555408)
* frontend/lintian:
+ [RA] Set LOCPATH to LINTIAN_ROOT/locale or /var/lib/lintian/locale,
whichever exist.
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
* lib/Lintian/Collect.pm:
+ [ADB] Update the documentation to reflect the existence of
Lintian::Collect::Binary.
* lib/Lintian/Collect/Binary.pm:
+ [ADB] Correct a reference in the documentation indicating that the
module collects data for source packages.
* lib/Lintian/Schedule.pm:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
+ [RG] Fix CVE-2009-4014: format string vulnerabilities.
* lib/Spelling.pm:
+ [RA] Add additional spelling corrections.
+ [RA] Remove spelling correction for parameterize. This is the
correct US spelling. Thanks, Jonathan Yu. (Closes: #564523)
+ [RA] Remove spelling correction for useable, a variant permitted
by the OED. Thanks, Vagrant Cascadian. (Closes: #564740)
+ [RG] Add more spelling corrections.
* lib/Util.pm:
+ [RA] Pass LOCPATH to subprocesses.
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* man/lintian.1:
+ [RA] Spelling fix. Thanks, A. Costa. (Closes: #564017)
* private/refresh-manual-refs:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* reporting/{config,html_reports}:
+ [JP] Make it possible to keep a record of statistics of previous
archive-wide Lintian executions.
* reporting/templates/maintainer.tmpl:
+ [RA] Really fix the logic to optionally display the archive area of
additional package entries under the same source package.
* unpack/unpack-{bin,src}pkg-l1:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
Date: Wed, 27 Jan 2010 17:05:51 -0800
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/lintian/2.3.2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 27 Jan 2010 17:05:51 -0800
Source: lintian
Binary: lintian
Architecture: source
Version: 2.3.2ubuntu1
Distribution: lucid
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
lintian - Debian package checker
Closes: 555408 563571 563585 564017 564523 564740 564900
Changes:
lintian (2.3.2ubuntu1) lucid; urgency=low
.
* Merge with Debian testing; remaining changes:
- Don't warn about a symlinked changelog file in Ubuntu due to CDBS.
.
lintian (2.3.2) unstable; urgency=high
.
* Summary of tag changes:
+ Added:
- conflicting-negation-in-source-relation
.
* checks/{control-files,files,menu-format,menus}:
+ [RG] Fix CVE-2009-4014: format string vulnerabilities.
* checks/{fields,patch-systems}:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
* checks/{files,patch-systems,po-debconf}:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* checks/changelog-file:
+ [RA] Avoid Perl warning when the NEWS file ends immediately after
the most recent entry. (Closes: #563585)
* checks/copyright-file:
+ [RA] Relax the regex for matching dh-make-perl boilerplate to catch
the current text. Thanks, gregor herrmann. (Closes: #563571)
* checks/fields{,.desc}:
+ [RA] Reject "all" and "any" in architecture qualifications for build
dependencies. Thanks, Jonathan Yu.
+ [RA] Warn if some architectures in a build relation are negated and
others are not.
* checks/files.desc:
+ [JP] Fix outdated reference in file-in-usr-lib-site-python.
* checks/infofiles:
+ [RA] Pass LOCPATH to subprocesses.
+ [ADB] Don't flag info files with filenames of info-N.gz as having an
incorrect extension if N contains multiple digits. (Closes: #564900)
* checks/manpages:
+ [RA] Pass LOCPATH to subprocesses.
.
* collection/objdump-info:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
* collection/source-control-file:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
.
* data/output/manual-references:
+ [JP] Refresh reference data against Policy 3.8.3, doc-base 0.9.5,
developers-reference 3.4.3, and Python Policy 0.9.0.
.
* debian/control:
+ [RA] Depend on locales.
* debian/prerm:
+ [RA] Remove /var/lib/lintian/locale on any removal except upgrades.
* debian/postinst:
+ [RA] Generate an en_US.UTF-8 locale in /var/lib/lintian/locale for
use for tests, particularly man page tests. (Closes: #555408)
.
* frontend/lintian:
+ [RA] Set LOCPATH to LINTIAN_ROOT/locale or /var/lib/lintian/locale,
whichever exist.
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
.
* lib/Lintian/Collect.pm:
+ [ADB] Update the documentation to reflect the existence of
Lintian::Collect::Binary.
* lib/Lintian/Collect/Binary.pm:
+ [ADB] Correct a reference in the documentation indicating that the
module collects data for source packages.
* lib/Lintian/Schedule.pm:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
+ [RG] Fix CVE-2009-4014: format string vulnerabilities.
* lib/Spelling.pm:
+ [RA] Add additional spelling corrections.
+ [RA] Remove spelling correction for parameterize. This is the
correct US spelling. Thanks, Jonathan Yu. (Closes: #564523)
+ [RA] Remove spelling correction for useable, a variant permitted
by the OED. Thanks, Vagrant Cascadian. (Closes: #564740)
+ [RG] Add more spelling corrections.
* lib/Util.pm:
+ [RA] Pass LOCPATH to subprocesses.
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
.
* man/lintian.1:
+ [RA] Spelling fix. Thanks, A. Costa. (Closes: #564017)
.
* private/refresh-manual-refs:
+ [RG] Fix CVE-2009-4015: arbitrary command execution.
.
* reporting/{config,html_reports}:
+ [JP] Make it possible to keep a record of statistics of previous
archive-wide Lintian executions.
* reporting/templates/maintainer.tmpl:
+ [RA] Really fix the logic to optionally display the archive area of
additional package entries under the same source package.
.
* unpack/unpack-{bin,src}pkg-l1:
+ [RG] Fix CVE-2009-4013: missing control files sanitation.
Checksums-Sha1:
09f5578497056680a4bb2b39d890b021183b15ef 1349 lintian_2.3.2ubuntu1.dsc
7d0a64f768ce637cbd1338bd1108f16395ac2d05 781071 lintian_2.3.2ubuntu1.tar.gz
Checksums-Sha256:
5dc8e20c990eac2bccbb28b5ddbf8e27008e6a7b94409b83afd3c03f7c370e38 1349 lintian_2.3.2ubuntu1.dsc
d015ef69acc44eef96a61297cda70814d17fb83388bb0f9d57962135905831da 781071 lintian_2.3.2ubuntu1.tar.gz
Files:
92b9c1cd4bab48384124d5008e6c021c 1349 devel optional lintian_2.3.2ubuntu1.dsc
d015bc41d47c720b94195c535d468ffc 781071 devel optional lintian_2.3.2ubuntu1.tar.gz
Original-Maintainer: Debian Lintian Maintainers <lintian-maint at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>
iEYEARECAAYFAkthOBcACgkQH/9LqRcGPm1RmACgi1bearIp/je+aHuRZcEe2nUK
TQ0An39OG1qbJDaSNBXjWD29E98RR6Du
=ugNF
-----END PGP SIGNATURE-----
More information about the Lucid-changes
mailing list