drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in devscripts
Name: |
Zwei Probleme in devscripts |
|
ID: |
FEDORA-2015-12716 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 21 |
|
Datum: |
Mi, 12. August 2015, 10:28 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5704 |
|
Applikationen: |
devscripts |
|
Originalnachricht |
Name : devscripts Product : Fedora 21 Version : 2.15.8 Release : 1.fc21 URL : https://packages.debian.org/sid/devscripts Summary : Scripts for Debian Package maintainers Description : Scripts to make the life of a Debian Package maintainer easier.
------------------------------------------------------------------------------- - Update Information:
Update to version 2.15.8, see http://metadata.ftp-master.debian.org/changelogsfor details. Fixes CVE-2015-5705.
Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogsfor details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
Update to version 2.15.7, see http://metadata.ftp-master.debian.org/changelogsfor details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
This update fixes licensecheck refusing to parse some text files such as C++ source files.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details.
Update to version 2.15.6, see http://metadata.ftp-master.debian.org/changelogsfor details. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Aug 3 2015 Sandro Mani <manisandro@gmail.com> - 2.15.8-1 - Update to 2.15.8 * Sat Aug 1 2015 Sandro Mani <manisandro@gmail.com> - 2.15.7-1 - Update to 2.15.7 * Sat Aug 1 2015 Sandro Mani <manisandro@gmail.com> - 2.15.6-2 - Fix licensecheck incorrectly detecting mime strings such as text/x-c++ as a binary file (#1249227) * Wed Jul 29 2015 Sandro Mani <manisandro@gmail.com> - 2.15.6-1 - Update to 2.15.6 * Thu Jul 9 2015 Sandro Mani <manisandro@gmail.com> - 2.15.5-6 - Make licensecheck print a warning when scanned file is not a text file (#1240914) * Fri Jun 26 2015 Sandro Mani <manisandro@gmail.com> - 2.15.5-5 - Create symlinks like the debian package does (#1236122) * Wed Jun 17 2015 Ralf Corsépius <corsepiu@fedoraproject.org> - 2.15.5-4 - Add: "Requires: perl(:MODULE_COMPAT_...)" * Wed Jun 17 2015 Ralf Corsépius <corsepiu@fedoraproject.org> - 2.15.5-3 - Fix FTBFS. - Eliminate libvfork, PKGLIBDIR (Abandoned upstream). - Rework perl-BRs. - Reflect upstream installing perl-modules into perl_vendordir. - Reflect upstream installing bash-completion into /usr/share/bash-completion. - BR: /usr/bin/dpkg-buildflags, /usr/bin/dpkg-vendor, /usr/bin/dpkg-parsechangelog. - BR: pkgconfig(bash-completion). - Remove archpath, whodepends's man-pages. - Rebase patches. * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.15.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Fri Jun 12 2015 Sandro Mani <manisandro@gmail.com> - 2.15.5-1 - Update to 2.15.5 * Tue Apr 28 2015 Sandro Mani <manisandro@gmail.com> - 2.15.4-1 - Update to 2.15.4 * Mon Apr 13 2015 Sandro Mani <manisandro@gmail.com> - 2.15.3-1 - Update to 2.15.3 * Fri Apr 3 2015 Sandro Mani <manisandro@gmail.com> - 2.15.2-1 - Update to 2.15.2 - Don't install whodepends (#1185511) * Fri Jan 2 2015 Sandro Mani <manisandro@gmail.com> - 2.15.1-1 - Update to 2.15.1 * Thu Dec 4 2014 Sandro Mani <manisandro@gmail.com> - 2.14.11-1 - Update to 2.14.11 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1249635 - CVE-2015-5704 devscripts: arbitrary shell command injection https://bugzilla.redhat.com/show_bug.cgi?id=1249635 [ 2 ] Bug #1249645 - CVE-2015-5705 devscripts: argument injection vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1249645 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update devscripts' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|