On Sat, Dec 21, 2013 at 09:49:15PM -0500, James McCoy wrote:
Thanks for the patch. We've addressed this by other means and are
just pending some final review before uploading.
Ok, I've remove the pushed topic branch again.
Thanks for noticing that. I've made a change for this as well.
Control: tags -1 + patch
I've pushed a proposed fix for this security issue to the packaging
repo git://anonscm.debian.org/collab-maint/devscripts.git as the
branch CVE-2013-7085-ruin-someones-yuletide
One commit, see
Control: tag -1 pending
On Sun, Dec 22, 2013 at 01:17:01AM +0100, Stig Sandbeck Mathisen wrote:
I've pushed a proposed fix for this security issue to the packaging
repo git://anonscm.debian.org/collab-maint/devscripts.git as the
branch CVE-2013-7085-ruin-someones-yuletide
Thanks for the
Package: devscripts
Version: 2.13.5
Severity: grave
Tags: security
Justification: user security hole
If USCAN_EXCLUSION is enabled, uscan doesn't correctly handle filenames
containing whitespace. This can be abused my malicious upstream to
delete files of their choice. Proof of concept (that
4 matches
Mail list logo