[ubuntu/natty] dpkg 1.15.8.7ubuntu2 (Accepted)
Kees Cook
kees at ubuntu.com
Thu Jan 6 21:10:29 UTC 2011
dpkg (1.15.8.7ubuntu2) natty; urgency=low
* SECURITY UPDATE: relative directory and symlink following in source pkgs.
- scripts/Dpkg/Source/Archive.pm, scripts/Dpkg/Source/Patch.pm,
scripts/Dpkg/Source/Package/V2.pm: applied fixes from Raphael Hertzog,
thanks to Raphael Geissert.
- CVE-2010-1679
Date: Thu, 06 Jan 2011 12:48:51 -0800
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/dpkg/1.15.8.7ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 06 Jan 2011 12:48:51 -0800
Source: dpkg
Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect
Architecture: source
Version: 1.15.8.7ubuntu2
Distribution: natty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
dpkg - Debian package management system
dpkg-dev - Debian package development tools
dselect - Debian package management front-end
libdpkg-dev - Debian package management static library
libdpkg-perl - Dpkg perl modules
Changes:
dpkg (1.15.8.7ubuntu2) natty; urgency=low
.
* SECURITY UPDATE: relative directory and symlink following in source pkgs.
- scripts/Dpkg/Source/Archive.pm, scripts/Dpkg/Source/Patch.pm,
scripts/Dpkg/Source/Package/V2.pm: applied fixes from Raphael Hertzog,
thanks to Raphael Geissert.
- CVE-2010-1679
Checksums-Sha1:
f50fa9a26a0ec1ab7a0b8919d8b1107e50b35526 1353 dpkg_1.15.8.7ubuntu2.dsc
53f911d567ada1590302c2181275ce14b71cbe0b 5294707 dpkg_1.15.8.7ubuntu2.tar.bz2
Checksums-Sha256:
dbf00a1806f61bd917db78861d58fa835bd1df1226a609abc3a112ed4ba591e6 1353 dpkg_1.15.8.7ubuntu2.dsc
c8be2e30be90b3af181d24010b2dc8590f2c8a149a11d0e34262fccfce55224a 5294707 dpkg_1.15.8.7ubuntu2.tar.bz2
Files:
32e576013bf93f9b04e1d6bd46ca0334 1353 admin required dpkg_1.15.8.7ubuntu2.dsc
ed4d2e4d6b2ac46aed8efc565a609e4f 5294707 admin required dpkg_1.15.8.7ubuntu2.tar.bz2
Original-Maintainer: Dpkg Developers <debian-dpkg at lists.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>
iEYEARECAAYFAk0mLoIACgkQH/9LqRcGPm0ADgCffxC98kW+f9mckaCjMrKLjgYx
Wn4An0FR/tF/Uc+MMBCdndtoRMrzF4i7
=ayyR
-----END PGP SIGNATURE-----
More information about the Natty-changes
mailing list