Control: reassign -1 debci-collector Control: retitle -1 missing filename sanitizing Hi Jonas, On 08-02-2023 21:20, Paul Gevers wrote:
So it's either the timing was extremely unfortunate and your package hit something unknown on our infrastructure, or it's actually the package that's causing issues on our infrastructure.
We have tracked down the issue and it turns out that this:
triggers a bug in debci. The testname is used for filenames and the hyphen is interpreted as an option to tar, triggering: tar: You may not specify more than one '-Acdtrux', '--delete' or '--test-label' option-ureq-2:gzip PASS
We're working on a fix. @terceiro: thinking of it, should we request a CVE for this? Paul
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature