Changelog
reportbug (6.5.0+nmu1ubuntu1) utopic; urgency=medium
* Merge from Debian unstable. Remaining changes (LP: #1353046):
- bin/reportbug: If bts=ubuntu or unconfigured, exit with an
an error and refer user "ubuntu-bug" instead.
- reportbug/__init__.py: Match reportbug version with package version.
- debian/control: Add prominent note to package description.
- debian/rules, debian/dirs: Do not install .desktop file.
reportbug (6.5.0+nmu1) unstable; urgency=high
* Non-maintainer upload.
* CVE-2014-0479: Arbitrary code execution in compare_versions.
A man-in-the-middle attacker could put shell metacharacters in the
version number, causing execution of code of their choice.
Thanks to Jakub Wilk <email address hidden>
-- Scott Kitterman <email address hidden> Tue, 05 Aug 2014 14:49:52 -0400