Ubuntu
devscripts package

lp://qastaging/ubuntu/oneiric-updates/devscripts

  1. Oneiric (11.10)
  2. oneiric-updates
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://qastaging/ubuntu/oneiric-updates/devscripts
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

108. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via insufficient validation
  in dscverify
  - scripts/dscverify.pl: perform better validation.
  - 9fba4788933475185df5e58b7fa557e5e3fb15e4
  - CVE-2012-2240
* SECURITY UPDATE: arbitrary file deletion via insufficient validation
  in dget
  - scripts/dget.pl: strip invalid characters
  - 0fd15bdec07b085f9ef438dacd18e159ac60b810
  - CVE-2012-2241
* SECURITY UPDATE: file alteration via TOCTOU in annotate-output
  - scripts/annotate-output.sh: prevent symlink attack.
  - 4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0
  - CVE-2012-3500
* REGRESSION FIX: improper exit code in CVE-2012-0212 debdiff.pl fix
  - f9a1a4c468671827d2650161cc33324fe0247a98

107. By Tyler Hicks

* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
  and .changes files
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Raphael Geissert for the original patch.
  - CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
  level directory of the original upstream source tarball
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Adam D. Barratt for the original patch.
  - CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
  arguments passed to debdiff
  - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
    upstream patches.
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
  - CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
  files with extentionless filenames as packages. Thanks to Adam D. Barratt
  for the original patch.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559

106. By Stéphane Graber

releasing version 2.11.1ubuntu3

105. By Stefano Rivera

debchange: Add precise, and make it the new default upload target.

104. By Benjamin Drung

* Merge from Debian unstable; remaining changes:
  - Demote Recommends to Suggests:
    + libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
      download sites), wasn't installed by default in previous releases
      either, and seems quite dead upstream; universe only.
    + debian-keyring: not useful enough in Ubuntu; universe only.
    + equivs: too much of a hack to install by default; universe only.
    + libyaml-syck-perl: transition-check is fairly Debian-specific.
  - scripts/debchange.{pl,1}:
    + Adjust --security template for Ubuntu.
    + Add -U/--upstream flag that forces original "just increment
      the end" behaviour; Ubuntu is upstream for some pieces of software.
    + Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
      output.
    + Default to "oneiric" as distribution.
    + Add "ubuntu1" to version string for new versions, with tweaks for
      special cases.
    + Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
    + Don't use the last distribution in debian/changelog when doing
      "dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
      doesn't mean that's the right thing to do now." Thanks to Colin
      Watson. (LP: #429288)
  - Add test/debchange.pl, test/Makefile: debchange test suite.
  - Rename XS-Vcs-* to XS-Debian-Vcs-*.
* Remove debian-maintainers from Recommends (the key moved to debian-keyring).

103. By Reinhard Tartler

* Replace the change of the previous upload with Debian's implementation:
* debuild: Call dpkg-source --before-build/--after-build when emulating
  dpkg-buildpackage. (Closes: #628481)

102. By Reinhard Tartler

debclean: run quilt pop -a when option 'unapply-patches' is set in
debian/source/local-options', Closes: #633428

101. By Benjamin Drung

* Merge from Debian unstable; remaining changes:
  - Demote Recommends to Suggests:
    + libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
      download sites), wasn't installed by default in previous releases
      either, and seems quite dead upstream; universe only.
    + debian-{keyring,maintainers}: not useful enough in Ubuntu; universe
      only.
    + equivs: too much of a hack to install by default; universe only.
    + libyaml-syck-perl: transition-check is fairly Debian-specific.
  - scripts/debchange.{pl,1}:
    + Adjust --security template for Ubuntu.
    + Add -U/--upstream flag that forces original "just increment
      the end" behaviour; Ubuntu is upstream for some pieces of software.
    + Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
      output.
    + Default to "oneiric" as distribution.
    + Add "ubuntu1" to version string for new versions, with tweaks for
      special cases.
    + Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
    + Don't use the last distribution in debian/changelog when doing
      "dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
      doesn't mean that's the right thing to do now." Thanks to Colin
      Watson. (LP: #429288)
  - Add test/debchange.pl, test/Makefile: debchange test suite.
  - Rename XS-Vcs-* to XS-Debian-Vcs-*.

100. By Benjamin Drung

* Merge from Debian unstable (LP: #717389); remaining changes:
  - Demote Recommends to Suggests:
    + libcrypt-ssleay-perl: only needed for a corner case (uscan on SSL
      download sites), wasn't installed by default in previous releases
      either, and seems quite dead upstream; universe only.
    + debian-{keyring,maintainers}: not useful enough in Ubuntu; universe
      only.
    + equivs: too much of a hack to install by default; universe only.
    + libyaml-syck-perl: transition-check is fairly Debian-specific.
  - scripts/debchange.{pl,1}:
    + Adjust --security template for Ubuntu.
    + Add -U/--upstream flag that forces original "just increment
      the end" behaviour; Ubuntu is upstream for some pieces of software.
    + Add --distributor= and DEBCHANGE_DISTRIBUTOR to override lsb_release
      output.
    + Default to "oneiric" as distribution.
    + Add "ubuntu1" to version string for new versions, with tweaks for
      special cases.
    + Add -R/--rebuild flag for Ubuntu's no-change rebuilds.
    + Don't use the last distribution in debian/changelog when doing
      "dch -r" on Ubuntu. "Just because it was last uploaded to jaunty
      doesn't mean that's the right thing to do now." Thanks to Colin
      Watson. (LP: #429288)
  - scripts/debsign.{sh,1}: Implement DEBSIGN_ALWAYS_RESIGN variable to skip
    the "Would you like to use the current signature?" question. (Debian
    #447955)
  - scripts/debuild.pl: Enforce Ubuntu merge policy.
  - scripts/dscverify.pl: Add Ubuntu keyrings.
  - scripts/rmadison.pl: Change default URL parameter to ubuntu.
  - Add test/debchange.pl, test/Makefile: debchange test suite.
  - Rename XS-Vcs-* to XS-Debian-Vcs-*.
* debchange: Use dpkg-vendor instead of lsb_release.
* debchange: Add DEBCHANGE_DISTRIBUTOR to array of config variables. Thanks
  to Adam Dorsey for the patch. (LP: #783693)

99. By Stéphane Graber

releasing version 2.10.69ubuntu3

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://qastaging/ubuntu/precise/devscripts
This branch contains Public information 
Everyone can see this information.

Subscribers