powerline-gitstatus (1.3.2-0+deb10u1) buster-security; urgency=high * Non-maintainer upload by the LTS team. * Fix CVE-2022-42906: Powerline Gitstatus, a statusline plugin for the VIM editor, allows arbitrary code execution. Git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs git commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory to one controlled by the attacker, such as in a shared filesystem or extracted archive, powerline-gitstatus will run arbitrary commands under the attacker's control. -- Markus Koschany Fri, 20 Jan 2023 16:46:31 +0100 powerline-gitstatus (1.3.2-0+deb11u1) bullseye; urgency=medium * New upstream version 1.3.2 - Fix command injection via malicious repository config (CVE-2022-42906) -- Jérôme Charaoui Wed, 26 Oct 2022 22:54:03 -0400 powerline-gitstatus (1.3.1-2) unstable; urgency=medium [ Jann Haber ] * Remove python2 stuff from build-deps, since not used anyway (Closes: #937314) [ Samuel Henrique ] * Use debhelper-compat 13 * Bump Standards-Version to 4.5.0 * Add d/salsa-ci.yml and d/gbp.conf * d/control: Switch maintenance to PAPT team and add myself as an uploader -- Samuel Henrique Wed, 08 Jul 2020 21:17:05 +0100 powerline-gitstatus (1.3.1-1) unstable; urgency=medium [ Daniel Baumann ] * Update to debhelper compat 12 * Update to standards version 4.3.0 * Add Rules-Requires-Root and missing Built-Using [ Jerome Charaoui ] * New upstream version 1.3.1 * Add upstream README in package -- Jerome Charaoui Sun, 13 Jan 2019 16:05:06 -0500 powerline-gitstatus (1.2.1-1) unstable; urgency=medium * Initial upload (Closes: #900661). -- Jerome Charaoui Mon, 04 Jun 2018 22:05:14 -0400