Accepted dist 1:3.5-17-2 (source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted dist 1:3.5-17-2 (source all)
From: Manoj Srivastava <srivasta@debian.org>
Date: Sat, 30 Aug 2008 04:02:03 +0000
Message-id: <[🔎] E1KZHf1-00016N-26@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 29 Aug 2008 22:28:31 -0500
Source: dist
Binary: dist
Architecture: source all
Version: 1:3.5-17-2
Distribution: unstable
Urgency: high
Maintainer: Manoj Srivastava <srivasta@debian.org>
Changed-By: Manoj Srivastava <srivasta@debian.org>
Description: 
 dist       - Tools for developing, maintaining and distributing software.
Closes: 496412
Changes: 
 dist (1:3.5-17-2) unstable; urgency=high
 .
   * If a script uses a temp file which is created in /tmp, then an
     attacker can create symlink with the same name in this directory in
     order to destroy or rewrite some system or user files.  Symlink attack
     may also lead not only to the data desctruction but to denial of
     service as well. Creating files with rand or pid to randomize the file
     names is not adequate to protect the system. We now use File::Temp to
     safely create the temporary files as needed. This closes a grave bug.
     There are no code changes in this version, apart from the bug fix.
                                                         Closes: #496412
   * Updated the Standards version. (No changes)
Checksums-Sha1: 
 cfb3323008eef10947f0b0f0dfd4b5fa912e97f0 1082 dist_3.5-17-2.dsc
 33efe7aa6709b744388c4c8b77fbc9b1a3448b07 50463 dist_3.5-17-2.diff.gz
 a6304b8e23a7a60ebbdae809d1e375cf91a4edfd 602276 dist_3.5-17-2_all.deb
Checksums-Sha256: 
 30f12bf0f8c69dfe0f975d1fb49a958df17cc108e2d0edee6fe1ccf218474aa2 1082 dist_3.5-17-2.dsc
 cefa159b4fb96c0326e81154ad156267d10aaad463bfc90ae26ac72636d2462a 50463 dist_3.5-17-2.diff.gz
 52417b5bd62fdd183577f8efcc6b25d822a519b35bac51a37d588e63e8a28928 602276 dist_3.5-17-2_all.deb
Files: 
 2240ebc50a3633c37e61782f24c54fe4 1082 devel optional dist_3.5-17-2.dsc
 d0186bfc48731f1a7fa5a0fb8ed1c770 50463 devel optional dist_3.5-17-2.diff.gz
 c9c63b01a19500e6b070cee662b6712f 602276 devel optional dist_3.5-17-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAki4xc0ACgkQIbrau78kQkwihQCg2+3bg9HDrBPPEsU6bdGfr44k
i8YAn38hFg2IIPkJQu58FlQSaaq2Fsir
=pE//
-----END PGP SIGNATURE-----


Accepted:
dist_3.5-17-2.diff.gz
  to pool/main/d/dist/dist_3.5-17-2.diff.gz
dist_3.5-17-2.dsc
  to pool/main/d/dist/dist_3.5-17-2.dsc
dist_3.5-17-2_all.deb
  to pool/main/d/dist/dist_3.5-17-2_all.deb

Reply to:

Prev by Date: Accepted bzr 1.6.1~rc1-1 (source i386)
Next by Date: Accepted radvd 1:1.1-2.1 (source amd64)
Previous by thread: Accepted bzr 1.6.1~rc1-1 (source i386)
Next by thread: Accepted radvd 1:1.1-2.1 (source amd64)
Index(es):
- Date
- Thread