Ubuntu
dpkg package

Bug #1389135
Comment #9

Comment 9 for bug 1389135

Revision history for this message

Joshua Rogers (megamansec) wrote on 2014-11-15:

#9

0001-libdpkg-Escape-package-and-architecture-on-control-f.patch Edit (1.5 KiB, text/plain)

Just for reference: the vulnrable function is parse_error_msg([..]), not warningv([..]).

I've attached the patch that the maintainer as reccomended for the latest version of dpkg.