[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Ubuntu dpkg 1.15.8.2ubuntu3



This e-mail has been sent due to an upload to Ubuntu that contains Ubuntu
changes.  It contains the difference between the new version and the
previous version of the same source package in Ubuntu.
Format: 1.8
Date: Mon, 02 Aug 2010 11:26:48 +0200
Source: dpkg
Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect
Architecture: source
Version: 1.15.8.2ubuntu3
Distribution: maverick
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Martin Pitt <martin.pitt@ubuntu.com>
Description: 
 dpkg       - Debian package management system
 dpkg-dev   - Debian package development tools
 dselect    - Debian package management front-end
 libdpkg-dev - Debian package management static library
 libdpkg-perl - Dpkg perl modules
Launchpad-Bugs-Fixed: 612457
Changes: 
 dpkg (1.15.8.2ubuntu3) maverick; urgency=low
 .
   * debian/rules: Globally set $PATH instead of just for dh_builddeb, so that
     it also applies to pkg-create-dbgsym.
 .
 dpkg (1.15.8.2ubuntu2) maverick; urgency=low
 .
   * Fix buffer overflow in dpkg_ar_member_put_header. Cherrypicked from trunk.
     (LP: #612457, Debian #591312)
   * debian/rules: Add build-tree/dpkg-deb to $PATH when calling dh_builddeb,
     to pull ourselves out of above swamp.
Checksums-Sha1: 
 e4b89dab0154a3d4a2130281bd01fe92e1758b38 1315 dpkg_1.15.8.2ubuntu3.dsc
 8bd4e6c2f2d76d72dbe56ac32a9cde73cb690556 5076938 dpkg_1.15.8.2ubuntu3.tar.bz2
Checksums-Sha256: 
 514df8632b9ce7bd094215ddd1ccf8ba48d78c8db912c221b24d0d4d5e820ca3 1315 dpkg_1.15.8.2ubuntu3.dsc
 36f7465adae0f59a0a46e4e1b26c505a8db52a4946cbc06498722b79461f48d4 5076938 dpkg_1.15.8.2ubuntu3.tar.bz2
Files: 
 598e80031af68b9b4b6d8c333b153a81 1315 admin required dpkg_1.15.8.2ubuntu3.dsc
 ff7939a4286d4204831a910bfaec0edc 5076938 admin required dpkg_1.15.8.2ubuntu3.tar.bz2
Original-Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
diff -pruN 1.15.8.2ubuntu1/debian/changelog 1.15.8.2ubuntu3/debian/changelog
--- 1.15.8.2ubuntu1/debian/changelog	2010-08-01 22:53:52.000000000 +0100
+++ 1.15.8.2ubuntu3/debian/changelog	2010-08-02 10:27:15.000000000 +0100
@@ -1,3 +1,19 @@
+dpkg (1.15.8.2ubuntu3) maverick; urgency=low
+
+  * debian/rules: Globally set $PATH instead of just for dh_builddeb, so that
+    it also applies to pkg-create-dbgsym.
+
+ -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 02 Aug 2010 11:26:48 +0200
+
+dpkg (1.15.8.2ubuntu2) maverick; urgency=low
+
+  * Fix buffer overflow in dpkg_ar_member_put_header. Cherrypicked from trunk.
+    (LP: #612457, Debian #591312)
+  * debian/rules: Add build-tree/dpkg-deb to $PATH when calling dh_builddeb,
+    to pull ourselves out of above swamp.
+
+ -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 02 Aug 2010 11:03:18 +0200
+
 dpkg (1.15.8.2ubuntu1) maverick; urgency=low
 
   * Resynchronise with Debian.  Remaining changes:
diff -pruN 1.15.8.2ubuntu1/debian/rules 1.15.8.2ubuntu3/debian/rules
--- 1.15.8.2ubuntu1/debian/rules	2010-08-01 22:53:52.000000000 +0100
+++ 1.15.8.2ubuntu3/debian/rules	2010-08-02 10:28:21.000000000 +0100
@@ -16,6 +16,10 @@ else
 	CXXFLAGS += -O2
 endif
 
+# temporary workaround for LP #612457
+PATH=build-tree/dpkg-deb:$(shell echo $$PATH)
+export PATH
+
 # These are used for cross-compiling and for saving the configure script
 # from having to guess our platform (since we know it already)
 DEB_HOST_GNU_TYPE   ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
diff -pruN 1.15.8.2ubuntu1/lib/dpkg/ar.c 1.15.8.2ubuntu3/lib/dpkg/ar.c
--- 1.15.8.2ubuntu1/lib/dpkg/ar.c	2010-08-01 22:53:52.000000000 +0100
+++ 1.15.8.2ubuntu3/lib/dpkg/ar.c	2010-08-02 10:03:14.000000000 +0100
@@ -58,12 +58,15 @@ void
 dpkg_ar_member_put_header(const char *ar_name, int ar_fd,
                           const char *name, size_t size)
 {
-	char header[sizeof(struct ar_hdr)];
+	char header[sizeof(struct ar_hdr) + 1];
+	int n;
 
-	sprintf(header, "%-16s%-12lu0     0     100644  %-10lu`\n",
-	        name, time(NULL), (unsigned long)size);
+	n = sprintf(header, "%-16s%-12lu0     0     100644  %-10lu`\n",
+	            name, time(NULL), (unsigned long)size);
+	if (n != sizeof(struct ar_hdr))
+		ohshit(_("generated corrupt ar header for '%s'"), ar_name);
 
-	if (write(ar_fd, header, sizeof(header)) < 0)
+	if (write(ar_fd, header, n) < 0)
 		ohshite(_("unable to write file '%s'"), ar_name);
 }
 

Reply to: