[SCM] Debian package checker branch, squeeze, updated. 2.4.3-16-gddd5248
The following commit has been merged in the squeeze branch:
commit 3003d6ce24aec31d40d1038c0bd5ecfc26d5aa6c
Author: Niels Thykier <niels@thykier.net>
Date: Thu Apr 4 23:52:42 2013 +0200
c/shared-libs: Ignore maintscript that are symlinks
Signed-off-by: Niels Thykier <niels@thykier.net>
diff --git a/checks/shared-libs b/checks/shared-libs
index 1450f4b..dbe78a2 100644
--- a/checks/shared-libs
+++ b/checks/shared-libs
@@ -549,7 +549,7 @@ if (keys %shlibs_control and keys %symbols_control) {
}
# 6th step: check pre- and post- control files
-if (-f 'control/preinst') {
+if (-f 'control/preinst' and not -l 'control/preinst') {
local $_ = slurp_entire_file('control/preinst');
if (/^[^\#]*\bldconfig\b/m) {
tag "preinst-calls-ldconfig", ""
@@ -557,7 +557,7 @@ if (-f 'control/preinst') {
}
my $we_call_postinst=0;
-if (-f 'control/postinst') {
+if (-f 'control/postinst' and not -l 'control/postinst') {
local $_ = slurp_entire_file('control/postinst');
# Decide if we call ldconfig
@@ -576,14 +576,14 @@ if ($type eq 'udeb') {
if not $we_call_postinst and $must_call_ldconfig;
}
-if (-f 'control/prerm') {
+if (-f 'control/prerm' and not -l 'control/prerm') {
local $_ = slurp_entire_file('control/prerm');
if (/^[^\#]*\bldconfig\b/m) {
tag "prerm-calls-ldconfig", "";
}
}
-if (-f 'control/postrm') {
+if (-f 'control/postrm' and not -l 'control/postrm') {
local $_ = slurp_entire_file('control/postrm');
# Decide if we call ldconfig
diff --git a/debian/changelog b/debian/changelog
index 8006809..f99143c 100755
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,6 +12,9 @@ lintian (2.4.3+squeeze2) stable; urgency=low
* checks/menus:
+ [NT] Fix path traversal issue that could leak information
about the host system.
+ * checks/shared-libs:
+ + [NT] Fix path traversal issue that could leak information
+ about the host system.
-- Niels Thykier <niels@thykier.net> Fri, 05 Apr 2013 22:00:00 +0200
--
Debian package checker
Reply to: