Author: ryan52-guest Date: 2009-09-04 01:06:38 +0000 (Fri, 04 Sep 2009) New Revision: 1993
Modified: trunk/debian/changelog trunk/scripts/uscan.pl Log: use Text::ParseWords::shellwords to parse the given command. Modified: trunk/debian/changelog =================================================================== --- trunk/debian/changelog 2009-09-04 00:55:10 UTC (rev 1992) +++ trunk/debian/changelog 2009-09-04 01:06:38 UTC (rev 1993) @@ -1,7 +1,8 @@ devscripts (2.10.55) UNRELEASED; urgency=low * uscan: fix a regression from the security fix when the command is - given parameters + given parameters. use Text::ParseWords::shellwords to parse the + given command. -- Ryan Niebur <[email protected]> Thu, 03 Sep 2009 17:54:51 -0700 Modified: trunk/scripts/uscan.pl =================================================================== --- trunk/scripts/uscan.pl 2009-09-04 00:55:10 UTC (rev 1992) +++ trunk/scripts/uscan.pl 2009-09-04 01:06:38 UTC (rev 1993) @@ -32,6 +32,7 @@ use Getopt::Long; use lib '/usr/share/devscripts'; use Devscripts::Versort; +use Text::ParseWords; BEGIN { eval { require LWP::UserAgent; }; if ($@) { @@ -1450,7 +1451,7 @@ # Do whatever the user wishes to do if ($action) { my $usefile = "$destdir/$newfile_base"; - my @cmd = split(' ', $action); + my @cmd = shellwords($action); if ($symlink =~ /^(symlink|rename)$/ and $newfile_base =~ /\.(tar\.gz|tgz)$/) { $usefile = "$destdir/${pkg}_${newversion}.orig.tar.gz"; -- To unsubscribe, send mail to [email protected].
