Format: 1.8
Date: Wed, 15 Feb 2012 03:33:42 -0600
Source: devscripts
Binary: devscripts
Architecture: armel armel_translations
Version: 2.10.67ubuntu1.1
Distribution: maverick
Urgency: low
Maintainer: Ubuntu/armel Build Daemon <buildd@crabapple.buildd>
Changed-By: Tyler Hicks <tyhicks@canonical.com>
Description: 
 devscripts - scripts to make the life of a Debian Package maintainer easier
Changes: 
 devscripts (2.10.67ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
     and .changes files
     - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
       Raphael Geissert for the original patch.
     - CVE-2012-0210
   * SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
     level directory of the original upstream source tarball
     - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
       Adam D. Barratt for the original patch.
     - CVE-2012-0211
   * SECURITY UPDATE: Arbritray code execution via crafted filenames in
     arguments passed to debdiff
     - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
       upstream patches.
     - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
     - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
     - CVE-2012-0212
   * scripts/debdiff.pl: Remove undocumented functionality which treated
     files with extentionless filenames as packages. Thanks to Adam D. Barratt
     for the original patch.
     - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559
Checksums-Sha1: 
 3720a17caac45791c6ea12abc4989248b93e8251 609750 devscripts_2.10.67ubuntu1.1_armel.deb
 df2f9677453dd1ebcab2acc84a936f0c8e09c6be 279488 devscripts_2.10.67ubuntu1.1_armel_translations.tar.gz
Checksums-Sha256: 
 78f25c095e46c6c7547b7c19a7379689100cc82377016af4104e849a03b188b1 609750 devscripts_2.10.67ubuntu1.1_armel.deb
 78fb4353d03509af09afcc6b06544e14a988775b1ead9d986c3a7d25e9b45c60 279488 devscripts_2.10.67ubuntu1.1_armel_translations.tar.gz
Files: 
 167d8b6388cf37fb65ddef160dc14b90 609750 devel optional devscripts_2.10.67ubuntu1.1_armel.deb
 54bb73d9f20d8daa616f97e668f00ce0 279488 raw-translations - devscripts_2.10.67ubuntu1.1_armel_translations.tar.gz
Original-Maintainer: Devscripts Devel Team <pkg-devscripts@teams.debian.net>