4 matches found
Updated dpkg packages fix security vulnerabilities
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
MGASA-2022-0327 Updated dpkg packages fix security vulnerability
A malicious source package could write files outside the unpack directory. CVE-2022-1664...
MGASA-2015-0482 Updated dpkg packages fix CVE-2015-0860
Updated dpkg packages fix security vulnerability: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary...
MGASA-2015-0197 Updated dpkg packages fix CVE-2015-0840
Updated dpkg packages fix security vulnerability: The dpkg-source command in Debian dpkg before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file .dsc CVE-2015-0840...