Skip to content
2.5.10.5
Niels Thykier's avatar
Niels Thykier
@nthykier
e0dc594b · Release lintian/2.5.10.5 into unstable ·
Unverified 
Release lintian/2.5.10.5 into unstable

Format: 1.8
Date: Fri, 05 Apr 2013 17:15:00 +0200
Source: lintian
Binary: lintian
Architecture: source all
Version: 2.5.10.5
Distribution: unstable
Urgency: medium
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Niels Thykier <niels@thykier.net>
Description:
 lintian    - Debian package checker
Changes:
 lintian (2.5.10.5) unstable; urgency=medium
 .
   * checks/*:
     + [NT] Avoid following unsafe symlinks.  (CVE-2013-1429)
   * checks/debconf:
     + [NT] Fix several path traversal issues that could leak
       information about the host system.  (CVE-2013-1429)
   * checks/init.d:
     + [NT] Fix possible symlink traversal that could leak
       information about the host system.  (CVE-2013-1429)
   * checks/md5sums:
     + [NT] Fix path traversal issue that could leak information
       about the host system.  (CVE-2013-1429)
   * checks/menus:
     + [NT] Fix path traversal issue that could leak information
       about the host system.  (CVE-2013-1429)
   * checks/po-debconf:
     + [NT] Unconditionally set INTLTOOL_EXTRACT.
   * checks/shared-libs:
     + [NT] Fix path traversal issue that could leak information
       about the host system.  (CVE-2013-1429)
 .
   * collection/*:
     + [NT] Avoid reading files outside the package root.
       (CVE-2013-1429)
   * collection/{changelog-file,debian-readme}:
     + [NT] Ignore files in usr/doc/<pkg>.
     + [NT] Skip collection if usr/share/doc/<pkg> is not contained
       within the package root.  (CVE-2013-1429)
 .
   * lib/Lintian/Collect/Package.pm:
     + [NT] When a check requests access to a raw file (or dir) in the
       package, ensure that the resulting path does not "escape" the
       top level directory.  This should preemptively guard against some
       (but not all) traversal attempts.
   * lib/Lintian/Util.pm:
     + [NT] Add sub to check if a path is contained within a given dir.
Checksums-Sha1:
 178a5a5ecb816af7a2077d58a1a958ca61c9cb25 1678 lintian_2.5.10.5.dsc
 b35b7ad19d27f120e4d20efb2f5a213af8b06c01 1118087 lintian_2.5.10.5.tar.gz
 d457e8ad4a06a57189103e5934c355cec23eaac0 711838 lintian_2.5.10.5_all.deb
Checksums-Sha256:
 ed7d3b600964b6a3c24661ae44ca68615dd11358f1d1231c15719c732fa38325 1678 lintian_2.5.10.5.dsc
 9e15cc2bb18bbe58d04746d05a25eca12758579bfd03f478bbb6117368636d64 1118087 lintian_2.5.10.5.tar.gz
 d616f266548ac5356e63bf5cba1bdcce9d8eea4e1d791491aee17bfd49bf09b0 711838 lintian_2.5.10.5_all.deb
Files:
 78e37740ac9e7f00304739a3e66f22cd 1678 devel optional lintian_2.5.10.5.dsc
 043eac91f77672ad19a43a478c643d68 1118087 devel optional lintian_2.5.10.5.tar.gz
 407e5bb7ea0baebab3d08b587c29a83a 711838 devel optional lintian_2.5.10.5_all.deb