lp://qastaging/ubuntu/oneiric-security/devscripts
- Get this branch:
- bzr branch lp://qastaging/ubuntu/oneiric-security/devscripts
Recent revisions
- 108. By Marc Deslauriers
* SECURITY UPDATE: arbitrary code execution via insufficient validation
in dscverify
- scripts/dscverify.pl: perform better validation.
- 9fba4788933475185df5e58b7fa557e5e3fb15e4
- CVE-2012-2240
* SECURITY UPDATE: arbitrary file deletion via insufficient validation
in dget
- scripts/dget.pl: strip invalid characters
- 0fd15bdec07b085f9ef438dacd18e159ac60b810
- CVE-2012-2241
* SECURITY UPDATE: file alteration via TOCTOU in annotate-output
- scripts/annotate-output.sh: prevent symlink attack.
- 4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0
- CVE-2012-3500
* REGRESSION FIX: improper exit code in CVE-2012-0212 debdiff.pl fix
- f9a1a4c468671827d2650161cc33324fe0247a98
- 107. By Tyler Hicks
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
and .changes files
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Raphael Geissert for the original patch.
- CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
level directory of the original upstream source tarball
- scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
Adam D. Barratt for the original patch.
- CVE-2012-0211
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in
arguments passed to debdiff
- scripts/debdiff.pl: Perform input sanitization on filenames. Based on
upstream patches.
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
- http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
- CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
files with extensionless filenames as packages. Thanks to Adam D. Barratt
for the original patch.
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
- 104. By Benjamin Drung
* Merge from Debian unstable; remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-keyring: not useful enough in Ubuntu; universe only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange.{pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "oneiric" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*.
* Remove debian-maintainers from Recommends (the key moved to debian-keyring).
- 103. By Reinhard Tartler
* Replace the change of the previous upload with Debian's implementation:
* debuild: Call dpkg-source --before-build/--after-build when emulating
dpkg-buildpackage. (Closes: #628481)
- 102. By Reinhard Tartler
debclean: run quilt pop -a when option 'unapply-patches' is set in
debian/source/local-options', Closes: #633428
- 101. By Benjamin Drung
* Merge from Debian unstable; remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-{keyring,maintainers}: not useful enough in Ubuntu; universe
only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange.{pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "oneiric" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*.
- 100. By Benjamin Drung
* Merge from Debian unstable (LP: #717389); remaining changes:
- Demote Recommends to Suggests:
+ libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
download sites), wasn't installed by default in previous releases
either, and seems quite dead upstream; universe only.
+ debian-{keyring,maintainers}: not useful enough in Ubuntu; universe
only.
+ equivs: too much of a hack to install by default; universe only.
+ libyaml-syck-perl: transition-check is fairly Debian-specific.
- scripts/debchange.{pl,1}:
+ Adjust --security template for Ubuntu.
+ Add -U/--upstream flag that forces original "just increment
the end" behaviour; Ubuntu is upstream for some pieces of software.
+ Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
output.
+ Default to "oneiric" as distribution.
+ Add "ubuntu1" to version string for new versions, with tweaks for
special cases.
+ Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
+ Don't use the last distribution in debian/changelog when doing
"dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
doesn't mean that's the right thing to do now." Thanks to Colin
Watson. (LP: #429288)
- scripts/debsign.{sh,1}: Implement DEBSIGN_ALWAYS_RESIGN variable to skip
the "Would you like to use the current signature?" question. (Debian
#447955)
- scripts/debuild.pl: Enforce Ubuntu merge policy.
- scripts/dscverify.pl: Add Ubuntu keyrings.
- scripts/rmadison.pl: Change default URL parameter to ubuntu.
- Add test/debchange.pl, test/Makefile: debchange test suite.
- Rename XS-Vcs-* to XS-Debian-Vcs-*.
* debchange: Use dpkg-vendor instead of lsb_release.
* debchange: Add DEBCHANGE_DISTRIBUTOR to array of config variables. Thanks
to Adam Dorsey for the patch. (LP: #783693)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://qastaging/ubuntu/precise/devscripts