[devscripts] 01/02: Merge tag 'v2.15.8' into jessie-backports

James McCoy jamessan at debian.org
Sun Aug 9 17:52:31 UTC 2015 

This is an automated email from the git hooks/post-receive script.

jamessan pushed a commit to branch jessie-backports
in repository devscripts.

commit 1266e1f7e2fbdd3495be8df4decf4b1dc90e1d86
Merge: e027a0d cd4c34b
Author: James McCoy <jamessan at debian.org>
Date:   Sat Aug 8 22:36:57 2015 -0400

    Merge tag 'v2.15.8' into jessie-backports
    
    tagging package devscripts version 2.15.8

 Makefile                           |  3 +-
 debian/changelog                   | 67 ++++++++++++++++++++++++++++++
 debian/control                     |  3 +-
 scripts/checkbashisms.pl           |  6 +--
 scripts/cvs-debi.sh                | 14 +++----
 scripts/cvs-debrelease.sh          | 14 +++----
 scripts/debchange.bash_completion  |  2 +-
 scripts/debchange.pl               | 17 +++-----
 scripts/debcheckout.pl             |  3 +-
 scripts/debclean.sh                |  2 +-
 scripts/debi.pl                    |  2 +-
 scripts/debrelease.sh              |  6 +--
 scripts/debrsign.sh                |  6 +--
 scripts/debsign.sh                 |  6 +--
 scripts/debuild.pl                 | 14 ++-----
 scripts/dget.pl                    | 66 ++++++++++++++++++++++--------
 scripts/licensecheck.pl            | 84 ++++++++++++++++++++++++++------------
 scripts/nmudiff.sh                 |  8 ++--
 scripts/tagpending.pl              | 48 ++++++----------------
 scripts/uscan.1                    |  6 +--
 scripts/uscan.pl                   | 23 ++++++-----
 scripts/uupdate.sh                 |  6 +--
 scripts/what-patch.sh              |  2 +-
 scripts/wnpp-check.1               |  5 ++-
 scripts/wnpp-check.sh              | 45 +++++++++++++++-----
 test/bashisms/printf.sh            |  2 +
 test/bashisms/printf.sh.out        |  2 +
 test/licensecheck/bsd-1-clause-1.c | 24 +++++++++++
 test/licensecheck/bsd-regents.c    | 30 ++++++++++++++
 test/licensecheck/lgpl-digia.c     | 32 +++++++++++++++
 test/licensecheck/texinfo.tex      | 27 ++++++++++++
 test/test_debchange                |  4 +-
 test/test_licensecheck             |  9 ++++
 33 files changed, 416 insertions(+), 172 deletions(-)

diff --cc debian/changelog
index bd69d08,c10f75d..0b1a130
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,70 +1,76 @@@
+ devscripts (2.15.8) unstable; urgency=high
+ 
+   * licensecheck:
+     + Avoid argument injection which may cause file to overwrite a file
+       through symlink indirection.  (Closes: #794365, CVE-2015-5705)
+ 
+  -- James McCoy <jamessan at debian.org>  Sun, 02 Aug 2015 09:06:05 -0400
+ 
+ devscripts (2.15.7) unstable; urgency=medium
+ 
+   * licensecheck:
+     + Use Dpkg::IPC to run file to avoid shell injection.
+       (Closes: #794260, CVE-2015-5704)
+     + Change whitelist of mime types to greylist of encodings.  Restores
+       ability to check files with mime types like text/x-c++ and
+       application/postscript.  Thanks to Jonas Smedegaard for the patch.
+       (Closes: #794282)
+     + Fix an endless loop in parsing certain files.  Thanks to Jonas
+       Smedegaard for the patch.  (Closes: #794263)
+ 
+  -- James McCoy <jamessan at debian.org>  Fri, 31 Jul 2015 22:50:33 -0400
+ 
+ devscripts (2.15.6) unstable; urgency=medium
+ 
+   [ Paul Wise ]
+   * Adjust wording of common suffixes passed to repacksuffix
+ 
+   [ James McCoy ]
+   * debcheckout:
+     + Handle Launchpad Git URLs.  Thanks to Colin Watson for the patch.
+       (Closes: #788777)
+     + Handle authenticated checkout when Vcs-Darcs is missing the root /darcs
+       directory.
+   * checkbashisms:
+     + Fix unescaped, literal curly brace in regex, causing FTBFS with Perl
+       5.22.  Thanks to Roderich Schupp for the patch.  (Closes: #788707)
+     + Improve detection of %q/%b to include when it is at the start of the
+       string.  Thanks to Eero Vuojolahti.  (Closes: #793396)
+   * wnpp-check:
+     + Use getopt to handle argument parsing.
+     + Add --exact switch to match the exact package name instead of a
+       substring.  Thanks to Balasankar C.  (Closes: #791918)
+   * Replace manual parsing of dpkg-buildpackage's output with the use of its
+     -S switch or the Dpkg::Changelog::Parse Perl module.
+     + Bump minimum required version of dpkg-dev to 1.17.0
+   * dget: Support arch-qualified package names.  “dget foo:i386” will download
+     the foo binary package for Arch: i386.  “dget --all srcfoo:i386” will
+     download all binary packages from the srcfoo source package that are
+     either Arch: all or Arch: any/i386.  (Closes: #792917)
+   * uscan: Only check for presence of signing key when downloading a new
+     upstream archive.  (Closes: #790047)
+ 
+   [ Dominique Dumont ]
+   * licensecheck:
+     * extract © owner when © and owners are specified on 2 or more lines.
+     * fix digia © and license extraction (Closes: #789074)
+     * fix BSD-2-clause detection
+     * parse assembly files with suffix .S
+     * warn if scanned file is not a text file (Closes: #791756)
+ 
+   [ Mattia Rizzolo ]
+   * uscan: Suggest the correct syntax in the manpage for the dversionmangle
+     option, escaping a '+'. Thanks to Martin Erik Werner for reporting.
+     (Closes: #789389)
+ 
+  -- James McCoy <jamessan at debian.org>  Mon, 27 Jul 2015 23:12:23 -0400
+ 
 +devscripts (2.15.5~bpo8+1) jessie-backports; urgency=medium
 +
 +  * Rebuild for jessie-backports.
 +
 + -- James McCoy <jamessan at debian.org>  Wed, 24 Jun 2015 21:59:43 -0400
 +
  devscripts (2.15.5) unstable; urgency=low
  
    [ Cyril Brulebois ]

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git

More information about the devscripts-devel mailing list