Summary: | <app-arch/dpkg-1.20.9-r1: directory traversal via crafted orig.tar and debian.tar | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gyakovlev |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.debian.org/debian-security-announce/2022/msg00115.html | ||
Whiteboard: | B2 [glsa+] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2022-05-28 21:59:12 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=354a6035384dee11b2fb6a43298c1235838b6ae4 commit 354a6035384dee11b2fb6a43298c1235838b6ae4 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2023-01-04 08:48:32 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2023-01-04 08:48:32 +0000 app-arch/dpkg: stablebump, add CVE-2022-1664 patch Bug: https://bugs.gentoo.org/847976 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> .../{dpkg-1.20.9.ebuild => dpkg-1.20.9-r1.ebuild} | 3 +- .../dpkg/files/dpkg-1.20.9-CVE-2022-1664.patch | 324 +++++++++++++++++++++ 2 files changed, 326 insertions(+), 1 deletion(-) bumped current stable, there are some bugs in current unstables, as soon as it'll be sorted out I'll file new stablereq and remove all other versions right after. Thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=8dbea06fcd82915bad1507b8a173c13ee523a34f commit 8dbea06fcd82915bad1507b8a173c13ee523a34f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 07:19:16 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 07:19:23 +0000 [ GLSA 202408-30 ] dpkg: Directory Traversal Bug: https://bugs.gentoo.org/847976 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-30.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) |