On Thu, 2014-05-01 at 06:54:30 +0200, Guillem Jover wrote: > On Wed, 2014-04-30 at 18:14:29 +0200, Javier Serrano Polo wrote: > > Package: dpkg > > Version: 1.15.8.13 1.16.12 > > Tags: security > > > Directory traversal was already possible. I have suggested a solution. > > That is the way I fixed it: dry run, let the patch tool say what files > > will be touched. Another solution would be to stop using an external > > tool. > > Ok, now I'm confused, do you mean there's another security problem?
If so, I'd appreciate if you could send me a PoC package. Thanks, Guillem -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org