Accepted:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 08 Aug 2015 22:40:55 -0400 Source: devscripts Binary: devscripts Architecture: amd64 source Version: 2.15.8~bpo8+1 Distribution: jessie-backports Urgency: high Maintainer: Devscripts Devel Team <[email protected]> Changed-By: James McCoy <[email protected]> Closes: 788707 788777 789074 789389 790047 791756 791918 792917 793396 794260 794263 794282 794365 Description: devscripts - scripts to make the life of a Debian Package maintainer easier Changes: devscripts (2.15.8~bpo8+1) jessie-backports; urgency=medium . * Rebuild for jessie-backports. . devscripts (2.15.8) unstable; urgency=high . * licensecheck: + Avoid argument injection which may cause file to overwrite a file through symlink indirection. (Closes: #794365, CVE-2015-5705) . devscripts (2.15.7) unstable; urgency=medium . * licensecheck: + Use Dpkg::IPC to run file to avoid shell injection. (Closes: #794260, CVE-2015-5704) + Change whitelist of mime types to greylist of encodings. Restores ability to check files with mime types like text/x-c++ and application/postscript. Thanks to Jonas Smedegaard for the patch. (Closes: #794282) + Fix an endless loop in parsing certain files. Thanks to Jonas Smedegaard for the patch. (Closes: #794263) . devscripts (2.15.6) unstable; urgency=medium . [ Paul Wise ] * Adjust wording of common suffixes passed to repacksuffix . [ James McCoy ] * debcheckout: + Handle Launchpad Git URLs. Thanks to Colin Watson for the patch. (Closes: #788777) + Handle authenticated checkout when Vcs-Darcs is missing the root /darcs directory. * checkbashisms: + Fix unescaped, literal curly brace in regex, causing FTBFS with Perl 5.22. Thanks to Roderich Schupp for the patch. (Closes: #788707) + Improve detection of %q/%b to include when it is at the start of the string. Thanks to Eero Vuojolahti. (Closes: #793396) * wnpp-check: + Use getopt to handle argument parsing. + Add --exact switch to match the exact package name instead of a substring. Thanks to Balasankar C. (Closes: #791918) * Replace manual parsing of dpkg-buildpackage's output with the use of its -S switch or the Dpkg::Changelog::Parse Perl module. + Bump minimum required version of dpkg-dev to 1.17.0 * dget: Support arch-qualified package names. “dget foo:i386” will download the foo binary package for Arch: i386. “dget --all srcfoo:i386” will download all binary packages from the srcfoo source package that are either Arch: all or Arch: any/i386. (Closes: #792917) * uscan: Only check for presence of signing key when downloading a new upstream archive. (Closes: #790047) . [ Dominique Dumont ] * licensecheck: * extract © owner when © and owners are specified on 2 or more lines. * fix digia © and license extraction (Closes: #789074) * fix BSD-2-clause detection * parse assembly files with suffix .S * warn if scanned file is not a text file (Closes: #791756) . [ Mattia Rizzolo ] * uscan: Suggest the correct syntax in the manpage for the dversionmangle option, escaping a '+'. Thanks to Martin Erik Werner for reporting. (Closes: #789389) Checksums-Sha1: 64a244fff2183f34cffa2d64c9f798e1839ae70b 909758 devscripts_2.15.8~bpo8+1_amd64.deb b780441115616127f69d520033e5c09c1d7134fa 2285 devscripts_2.15.8~bpo8+1.dsc eca22775cf1c10aedf61c6ba3dda340a97aecefc 620004 devscripts_2.15.8~bpo8+1.tar.xz Checksums-Sha256: ef6239369b6c18423790515e3f72c123714e1e5093cd16ea93788cba1d498e41 909758 devscripts_2.15.8~bpo8+1_amd64.deb 81faedc4bee788ab2f1ac2b0cef6832eff6c0047446dfe607c7a7b6c6bc2e470 2285 devscripts_2.15.8~bpo8+1.dsc 2b60eec91fdff190df4f10d82322109b9a9bca797e228b23dcb56d29a4a5c38a 620004 devscripts_2.15.8~bpo8+1.tar.xz Files: 9202d6fd76e57db986e9fd2bbcc7ce7d 909758 devel optional devscripts_2.15.8~bpo8+1_amd64.deb 12876420d25c5018a8938bff05611a13 2285 devel optional devscripts_2.15.8~bpo8+1.dsc 812069563f0ba6ec0fdf412a0a2c5d23 620004 devel optional devscripts_2.15.8~bpo8+1.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJVx5M5XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MUJGQkY0RDY5NTZCRDVERjdCNzJEMjNE RkU2OTFBRTMzMUJBM0RCAAoJEN/mka4zG6Pb7KEP/1boiCgNLk7hnoWR+NEavvoU 2af0jL3IQX94AS3V9VcY7PaQ2uVZ/dMa3I/WnSniuvnV8q8BzFSLEmpFoiPEA+9K tNxLDKdOH3N0piRZdcvvnAFiq5ItqZ93Nn2t7m2ARnn5HALfbE8nKQEjzc6ZosS/ e3IQar4Lu9ksoX8S510vxyj7nPOCjKd9YtcQ4cEPb9SRK5mmfxMvPSBu69hiQNtN 6qeUry+nhC6ov2qSUdK75ZNzZ/Tunaxlbn4oTe8GaH2hXO/LLnCNBpJMhcJgbbBM iAsG6s4pCcSAEaidnVs1Ici28y3K8sslBLd66i4GUm5QsqFQo9UN6S40RwtbAZHm pQfBChxQ5lX8Mgon5g+2FuAxyO050sf8DqNyCQPP1AJg6Dg9EKWeR1XGvGsA7RkM dDBDlfYDtlvQpKYKgn5Xx3/CsGvmEtD34K+2yKGIrOMVrUrzWiR741II5ZhuZNvk 3uxVnPtKTKrrNM32g63TuPUjxIMbBRpaWaPmxIko/ibVvmPbFEmln8b+GkBPrzzs QjY+D3gKz4SeRp1kVsCewBId3V1Ja0OhbNw/s+IePeVmQrpeUZN/IKGTm+l0OTAu Hx6jCAUHyjUph9PEc9d5PHf47jDWkOOxuc0Z8IeGxUTJKvAWVOfOqigeSJgsGDaN 1XU60GAa/LdnQ8VXjQh3 =LNdg -----END PGP SIGNATURE----- Thank you for your contribution to Debian. _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
