Bug#732006: uscan: broken handling of filenames with whitespace

2013-12-22 Thread Stig Sandbeck Mathisen
On Sat, Dec 21, 2013 at 09:49:15PM -0500, James McCoy wrote:
> Thanks for the patch. We've addressed this by other means and are
> just pending some final review before uploading.

Ok, I've removed the pushed topic branch again.

> Thanks for noticing that. I've made a change for this as well.

Th

Bug#732006: uscan: broken handling of filenames with whitespace

2013-12-21 Thread James McCoy
Control: tag -1 pending

On Sun, Dec 22, 2013 at 01:17:01AM +0100, Stig Sandbeck Mathisen wrote:
> I've pushed a proposed fix for this security issue to the packaging
> repo git://anonscm.debian.org/collab-maint/devscripts.git as the
> branch CVE-2013-7085-ruin-someones-yuletide

Thanks for the pat

Bug#732006: uscan: broken handling of filenames with whitespace

2013-12-21 Thread Stig Sandbeck Mathisen
Control: tags -1 + patch

I've pushed a proposed fix for this security issue to the packaging repo git://anonscm.debian.org/collab-maint/devscripts.git as the branch CVE-2013-7085-ruin-someones-yuletide

One commit, see http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commit;h=f3b4

Bug#732006: uscan: broken handling of filenames with whitespace

2013-12-12 Thread Jakub Wilk
Package: devscripts
Version: 2.13.5
Severity: grave
Tags: security
Justification: user security hole

If USCAN_EXCLUSION is enabled, uscan doesn't correctly handle filenames containing whitespace. This can be abused by malicious upstream to delete files of their choice. Proof of concept (that wi