|
|
@@ -86,7 +86,8 @@ dpkg (1.17.9) unstable; urgency=high
|
|
|
|
|
|
[ Guillem Jover ]
|
|
|
* Do not allow patch files with C-style encoded filenames. Closes: #746306
|
|
|
- Unconditionally fixes CVE-2014-0471.
|
|
|
+ Fixes CVE-2014-3127 and unconditionally fixes CVE-2014-0471.
|
|
|
+ Reported by Javier Serrano Polo <javier@jasp.net>.
|
|
|
* Switch alternative database backups from xz to gzip. Closes: #746354
|
|
|
* Do not leak long tar names on bogus or truncated archives.
|
|
|
* Do not leak the filepackages iterator when a directory is used by other
|