Bug#732006: uscan: broken handling of filenames with whitespace
James McCoy
jamessan at debian.org
Sun Dec 22 02:49:15 UTC 2013
Control: tag -1 pending
On Sun, Dec 22, 2013 at 01:17:01AM +0100, Stig Sandbeck Mathisen wrote:
> I've pushed a proposed fix for this security issue to the packaging
> repo git://anonscm.debian.org/collab-maint/devscripts.git as the
> branch CVE-2013-7085-ruin-someones-yuletide
Thanks for the patch. We've addressed this by other means and are just
pending some final review before uploading.
> The change also fixes a second bug, where one could not exclude a
> non-empty top level directory, but had to use "somedirectory/*".
Thanks for noticing that. I've made a change for this as well.
Cheers,
--
James
GPG Key: 4096R/331BA3DB 2011-12-05 James McCoy <jamessan at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/devscripts-devel/attachments/20131221/c9b193e8/attachment.sig>
More information about the devscripts-devel
mailing list