6 matches found
[SECURITY] [DSA 2836-1] devscripts security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2836-1 [email protected] http://www.debian.org/security/ Raphael Geissert January 05, 2014 http://www.debian.org/security/faq -...
CVE-2013-6888
CVE-2013-6888 affects devscripts’ uscan component. Before version 2.13.9, uscan could execute arbitrary code via a crafted tarball downloaded from a malicious source. Debian/Ubuntu advisories note remote code execution with the vulnerable uscan and specify fixes: Debian wheezy updated to 2.12.6+d...
Debian DSA-2836-1 : devscripts - arbitrary code execution
Several vulnerabilities have been discovered in uscan, a tool to scan upstream sites for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privilege...
[SECURITY] [DSA 2836-1] devscripts security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2836-1 [email protected] http://www.debian.org/security/ Raphael Geissert January 05, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2836-1 (devscripts - arbitrary code execution)
Several vulnerabilities have been discovered in uscan, a tool to scan upstream sites for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privilege...
DSA-2836-1 devscripts - arbitrary code execution
Bulletin has no description...