Bug#705553: lintian: CVE-2013-1429 - path traversal/information disclosure

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#705553: lintian: CVE-2013-1429 - path traversal/information disclosure
From: Niels Thykier <niels@thykier.net>
Date: Tue, 16 Apr 2013 18:20:45 +0200
Message-id: <[🔎] 20130416162045.13358.47547.reportbug@mikazuki.thykier.net>
Reply-to: Niels Thykier <niels@thykier.net>, 705553@bugs.debian.org

Package: lintian
Version: 2.4.3
Severity: important
Tags: security upstream patch
Control: fixed -1 2.5.12

An "unimportant" security vulnerabilities have been found in Lintian.

In short, using crafted packages an attacker could have Lintian leak
information about the "host" system provided the raw log is available.

~Niels

Reply to:

Follow-Ups:
- Processed: lintian: CVE-2013-1429 - path traversal/information disclosure
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#705553: marked as done (lintian: CVE-2013-1429 - path traversal/information disclosure)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Processed: lintian: CVE-2013-1429 - path traversal/information disclosure
Next by Date: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Previous by thread: Bug#703989: marked as done (lintian: in lintian(1) mention that --pedantic is -L <something>)
Next by thread: Processed: lintian: CVE-2013-1429 - path traversal/information disclosure
Index(es):
- Date
- Thread