-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 14 Feb 2012 10:26:14 +0000 Source: devscripts Binary: devscripts Architecture: source amd64 Version: 2.10.69+squeeze2 Distribution: squeeze-security Urgency: high Maintainer: Devscripts Devel Team <pkg-devscripts@teams.debian.net> Changed-By: Adam D. Barratt <adam@adam-barratt.org.uk> Description: devscripts - scripts to make the life of a Debian Package maintainer easier Closes: 659559 Changes: devscripts (2.10.69+squeeze2) squeeze-security; urgency=high . [ Adam D. Barratt ] * debdiff: Fix CVE-2012-0211 and CVE-2012-0212 (argument injection / modification) . [ Raphael Geissert ] * debdiff: + Fix CVE-2012-0210 (insufficient input sanitising reading .dsc and .changes files) + Remove undocumented feature treating extensionless files as if they were packages (Closes: #659559) Checksums-Sha1: 64565101aada815c58e3930fb8956723e30f112e 2114 devscripts_2.10.69+squeeze2.dsc 0dc67fe6df1737536aa77110637989c0b0e23c64 729822 devscripts_2.10.69+squeeze2.tar.gz 21e06752e76624440420c7bd1c9cd82f3b8dd001 649148 devscripts_2.10.69+squeeze2_amd64.deb Checksums-Sha256: 83da4f8e6a203a7cc7fcd42e647baeba0fdcfcd7b2cb51fd817eb9dc4a3fb857 2114 devscripts_2.10.69+squeeze2.dsc ffa47e3a94a1394a01f59cebf4d646c6f24dddfb5ce4cf6b982120a9e8a0e280 729822 devscripts_2.10.69+squeeze2.tar.gz dcfeee87000ce91ae1a0c6a00b4916532fe1bfd539e396ce073909c0bf2ab41b 649148 devscripts_2.10.69+squeeze2_amd64.deb Files: 0e3694afac918e29bf15ef2733ec0392 2114 devel optional devscripts_2.10.69+squeeze2.dsc 6470fd334b52df547712e2423da0571b 729822 devel optional devscripts_2.10.69+squeeze2.tar.gz 60591b4e98133ed4264d3fd68f48b69d 649148 devel optional devscripts_2.10.69+squeeze2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPOu19AAoJEMXOXcLFQs1ZboQP/0zqOr2YbPJEwQvBW55RSBLc Z5+gyCjtcOhvYZkLNGwZVr+LwN1qG6IRZx3EVf/5cgiXMtVxlgjOCsaXyASZgACy 4BvaTSorTld7gtco0UqC1Z4/XDSfBGQmUJLVKVoCkDwRp+QgsTB1DU+bfwtoIUnQ 4IqzhfWK9MLn/69dO1YbYhh538V/UKyeAvWYGX1B4tkWchP05w6Ajrb0++Ct8Ztc BI93KeNxPuAV3fgOKsF8HfLSKTBjt59gvw4GPuPqHa2fTMdXJJaSyndiZacG84vM m0RQ1K0ZKs5Kodv1Nygbep24UdsMUNVRMK4MERClFOC3SXCmi8K8bkysgJDyQFe1 TcO3gYlRLzX/8/PTRppQVIwJxuCriZpgRlsSuZBSSnR3wK5lRirZaCCQ2ErHLTFT xPLpICkQbrf39DqlN/Ov30Rry6B3psolRG2yKT6u8VWJpuHwGCtEbHTsvyF1i7g6 sAlf7Aph9OQMPIC8k0Qfmb4U3A+Td9UJUngZE8bro+KOGKwir5zE3ElE6B3MHhN+ E2huXy9HCOnpgXoujhj3zC1qTRYOExWZ4mtuiM7oyK3awUQmNigGB3zPmmiQ2djY wB8MXniPeby1gXfyPqQSkZSVPro8ZRbFfdwPc+BY5QvQDM4pob/BHDtIkmJ8IySr +xTKZnGGjSxT9DOOczi5 =xAtO -----END PGP SIGNATURE----- Accepted: devscripts_2.10.69+squeeze2.dsc to main/d/devscripts/devscripts_2.10.69+squeeze2.dsc devscripts_2.10.69+squeeze2.tar.gz to main/d/devscripts/devscripts_2.10.69+squeeze2.tar.gz devscripts_2.10.69+squeeze2_amd64.deb to main/d/devscripts/devscripts_2.10.69+squeeze2_amd64.deb