-
devscripts (2.14.1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: directory traversal issue in uupdate
- scripts/uupdate.sh: remove symlinks before applying patches, and
restore them afterwards.
- http://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=0fef671
- CVE-2014-1833
-- Marc Deslauriers <email address hidden> Mon, 15 Jun 2015 13:15:10 -0400
-
devscripts (2.14.1) unstable; urgency=medium
* Actually install sadt. (Closes: #736683)
-- James McCoy <email address hidden> Sat, 25 Jan 2014 22:15:46 -0500
-
devscripts (2.13.9) unstable; urgency=low
[ Martin Pitt ]
* autopkgtest: Add "allow-stderr" restriction to avoid failing tests because
of the HTTP server log on stderr.
[ James McCoy ]
* uscan:
+ Repack the tarball and verify it is a compressed archive without
allowing arbitrary code execution. Fixes CVE-2013-6888.
+ Use find's -exec to call rm directly instead of piping to xargs.
(Closes: #732006, CVE-2013-7085)
+ Follow tar's recommended security practices
- Use --keep-old-files --no-overwrite-dir
- Ensure parent directory of directory used for repacking archive isn't
accessible to other users.
+ Fix handling of 'dirname' exclusions, so 'dirname/*' isn't required.
[ Salvatore Bonaccorso ]
* uscan: Fix uninitialized value warning when copyright is not in
copyright-format 1.0. (Closes: #732807)
-- James McCoy <email address hidden> Mon, 23 Dec 2013 15:28:45 -0500
-
devscripts (2.13.8git1) trusty; urgency=low
Upload current Debian git head to fix autopkgtest.
* autopkgtest: Add "allow-stderr" restriction to avoid failing tests because
of the HTTP server log on stderr.
-- Martin Pitt <email address hidden> Thu, 12 Dec 2013 11:18:58 +0100
-
devscripts (2.13.8) unstable; urgency=medium
[ James McCoy ]
* uscan: Fix arbitrary command execution when using USCAN_EXCLUSION.
(Closes: #731849)
[ Adam D. Barratt ]
* Honour USCAN_EXCLUSION. (Closes: #731885)
-- James McCoy <email address hidden> Tue, 10 Dec 2013 20:26:42 -0500
-
devscripts (2.13.5) unstable; urgency=low
[ James McCoy ]
* namecheck: Fix “406 Not Acceptable” error when querying Alioth. (Closes:
#725228)
* uscan:
+ Allow specifying file exclusion rules in d/copyright so uscan can
automatically repack upstream archives which contain non-DFSG content.
Thanks to Andreas Tille, gregor herrmann, and Rafael Laboissiere for the
patches. (Closes: #685787)
+ Require LWP::Protocol::https instead of Crypt::SSLeay to access https
sites. (Closes: #624317)
* test/*:
+ Pass --no-conf to commands which may be influenced by ~/.devscripts
+ Fix a test failure in test_uscan_online due to different version format.
* rc-alert: Be more flexible in the formatting of the HTML being parsed.
(Closes: #729779)
* who-uploads: Use long keyid format to avoid ambiguity. (Closes: #674579)
[ Evgeni Golov ]
* debcheckout: allow setting the user for auth mode in the config. (Closes:
#722171)
[ Joachim Breitner ]
* debcommit: Fix --release with darcs when the repository is clean. (Closes:
#728177)
[ Christoph Berg ]
* origtargz: Document pristine-tar support in the manpage.
* rmadison: Support -r (--regex) parameter. (This is still unsupported on
qa.debian.org, but possible on some 3rd-party repositories like
apt.postgresql.org.)
[ Benjamin Drung ]
* test/test_debchange: Strip distribution data outdated warnings. (Closes:
#726694)
[ Translation updates ]
* German, Chris Leick.
* French, David Prévot.
[ Julien Cristau ]
* debchange: the default setting for urgency is now 'medium' (Closes: #730343)
-- James McCoy <email address hidden> Wed, 04 Dec 2013 22:27:45 -0500
-
devscripts (2.13.4build1) trusty; urgency=low
* No change rebuild for trusty.
-- Stephane Graber <email address hidden> Tue, 29 Oct 2013 12:19:47 -0400
-
devscripts (2.13.4) unstable; urgency=low
[ James McCoy ]
* Document which scripts use libdistro-info-perl. (Closes: #708311)
* Make curl return a proper exit code for HTTP errors. (Closes: #720508)
* mk-build-deps: Define the deb's version when parsing a debian/control
file. (Closes: #721939)
* checkbashisms: Sort the keys of the bashisms hashes to provide
consistently ordered output. This avoids false positive failures in the
test suite.
[ Charles Pigott ]
* Fix POD issues. (LP: #1226318, Closes: #719828)
[ Translation updates ]
* French, David Prévot.
-- James McCoy <email address hidden> Thu, 19 Sep 2013 18:53:57 -0400