Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 22 FEDORA-2015-12699 Moderate: Devscripts Argument Injection

fedora
Calendar Grey August 12, 2015
Dist Fedora Esm H88
Resolves licensecheck bug and mitigates CVE-2015-5705 in the devscripts update for Fedora 22.
Update to version 2.15.8, see for details

Summary

Update Information:

Update to version 2.15.8, see for details. Fixes CVE-2015-5705. Update to version 2.15.7, see for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see for details. Update to version 2.15.6, see for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see for details. Update to version 2.15.6, see for details. Update to version 2.15.7, see for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see for details. Update to version 2.15.6, see for details. This update fixes licensecheck refusing to parse some text files such as C++ source files. Update to version 2.15.6, see for details. Update to version 2.15.6, see for details.

Topics%20covered

Topics Covered

security advisory moderate update Fedora argument injection devscripts licensecheck

Change Log

* Mon Aug 3 2015 Sandro Mani - 2.15.8-1 - Update to 2.15.8 * Sat Aug 1 2015 Sandro Mani - 2.15.7-1 - Update to 2.15.7 * Sat Aug 1 2015 Sandro Mani - 2.15.6-2 - Fix licensecheck incorrectly detecting mime strings such as text/x-c++ as a binary file (#1249227) * Wed Jul 29 2015 Sandro Mani - 2.15.6-1 - Update to 2.15.6 * Thu Jul 9 2015 Sandro Mani - 2.15.5-6 - Make licensecheck print a warning when scanned file is not a text file (#1240914) * Fri Jun 26 2015 Sandro Mani - 2.15.5-5 - Create symlinks like the debian package does (#1236122) * Wed Jun 17 2015 Ralf Corsépius - 2.15.5-4 - Add: "Requires: perl(:MODULE_COMPAT_...)" * Wed Jun 17 2015 Ralf Corsépius - 2.15.5-3 - Fix FTBFS. - Eliminate libvfork, PKGLIBDIR (Abandoned upstream). - Rework perl-BRs. - Reflect upstream installing perl-modules into perl_vendordir. - Reflect upstream installing bash-completion into /usr/share/bash-completion. - BR: /usr/bin/dpkg-buildflags, /usr/bin/dpkg-vendor, /usr/bin/dpkg-parsechangelog. - BR: pkgconfig(bash-completion). - Remove archpath, whodepends's man-pages. - Rebase patches. * Wed Jun 17 2015 Fedora Release Engineering - 2.15.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Fri Jun 12 2015 Sandro Mani - 2.15.5-1 - Update to 2.15.5

References


[ 1 ] Bug #1249635 - CVE-2015-5704 devscripts: arbitrary shell command injection https://bugzilla.redhat.com/show_bug.cgi?id=1249635 [ 2 ] Bug #1249645 - CVE-2015-5705 devscripts: argument injection vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1249645

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update devscripts' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: devscripts
Product: Fedora 22
Version: 2.15.8
Release: 1.fc22
URL: https://packages.debian.org/sid/devscripts
Summary: Scripts for Debian Package maintainersDescription :

Topics%20covered

Topics Covered

security advisory moderate update Fedora argument injection devscripts licensecheck

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here