[SCM] Git repository for devscripts branch, master, updated. v2.12.2-40-g5fafd58
James McCoy
jamessan at debian.org
Sat Sep 1 14:59:00 UTC 2012
The following commit has been merged in the master branch:
commit 4b72aff0f0c7b1bc7d4c9e5f7ca851645d45cef7
Author: James McCoy <jamessan at debian.org>
Date: Sun Aug 26 11:22:44 2012 -0400
releasing version 2.12.2
diff --git a/debian/changelog b/debian/changelog
index 33d84a6..fac1e57 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+devscripts (2.12.2) unstable; urgency=high
+
+ * annotate-output: Fix to prevent symlink attack: don't delete
+ safely-created file and reuse its name. Instead, create temporary
+ directory and create FIFOs therein. Also, be sure to remove temporaries
+ upon catchable signal. Thanks to Jim Meyering for the patch. Fixes
+ CVE-2012-3500.
+
+ -- James McCoy <jamessan at debian.org> Sun, 26 Aug 2012 11:16:17 -0400
+
devscripts (2.12.1) unstable; urgency=low
* debchange:
--
Git repository for devscripts
More information about the devscripts-devel
mailing list