Age | Commit message | Author | Files | Lines |
|
Switch more URLs, now that these services have had SSL enabled.
|
|
This does not pose any security issue, as the hunk parser is strict, and
will reject a patch if it considers that the hunk marker is not present.
|
|
The code parsing the patches was not taking into account that patches
with partial or no pathname headers are still valid patches, and that
they can specify the pathname in the Index: pseudo-header or in a
single «+++ » pathname header, which allows doing directory traversal
when unpacking source packages.

The first vector is due to how the Index: pseudo-header is handled by
patch. Its value gets used (on non-POSIX mode) only when both «+++ »
and «--- » pathname headers do not provide a pathname, by either having
an empty pathname or by the header being completely absent. The minimal
fix for this is to just consider that we've parsed the header when we
see a hunk header marker «@@ -». This is CVE-2014-3865 and #749183.

The other vector is due to patches with only a «+++ » pathname header,
which get skipped by the parser as it only checks for «--- » pathname
header lines. The minimal fix for this is to also check for «+++ » when
parsing the patch header. This is CVE-2014-3864 and #746498.

The first issue is a superset of the second, and its fix is sufficient
and also covers and fixes the second vector, as the «@@ -» marker is
mandatory for a patch to be valid.

An unspecified directory traversal vulnerability was initially reported
in #746498 by Javier Serrano Polo <javier@jasp.net>, and while no
information had been provided, I independently found #749183 and what
was supposed to be #746498, which was later on published.

Fixes: CVE-2014-3864, CVE-2014-3865
Closes: #746498, #749183
|
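The two vectors described in the commit message above, as an added example that is not dpkg's code (its patch parser, Dpkg::Source::Patch, is Perl): a strict Python parser that treats the «@@ -» hunk marker as the end of the header, resolves the target pathname from «+++ », «--- » and Index: the way the message describes patch(1) doing it, and checks that pathname before the hunk is accepted, next to the pre-fix behaviour of a parser keyed only on «--- » lines. The precedence between «+++ » and «--- », the path check itself and the three sample patches are assumptions and constructed inputs; -p component stripping is not modelled.

```python
"""Strict unified-diff header/hunk parser (illustration, not dpkg's code).

Models the rules from the commit message: patch(1) takes the target from
the "+++ " or "--- " pathname, falling back to "Index:" only when both are
empty or absent, and a "@@ -" hunk marker is mandatory, so a parser that
only triggers on "--- " lines never gets to check these pathnames.
Assumed: "+++ " wins over "--- ", and "-p" stripping is not applied.
"""
import re

HUNK_RE = re.compile(r'^@@ -(\d+)(?:,(\d+))? \+(\d+)(?:,(\d+))? @@')
HEADER_PREFIXES = ('--- ', '+++ ', 'Index: ')


class PatchError(ValueError):
    pass


def _header_path(line):
    """'--- a/f<TAB>2014-05-01' -> 'a/f'; '--- ' and '--- /dev/null' -> ''."""
    name = line.split(' ', 1)[1].split('\t', 1)[0].strip()
    return '' if name == '/dev/null' else name


def _safe_path(path):
    """Reject pathnames that can escape the unpack directory (assumed policy)."""
    if not path:
        raise PatchError("patch carries no pathname at all")
    if path.startswith('/'):
        raise PatchError(f"absolute pathname: {path!r}")
    if '..' in path.split('/'):
        raise PatchError(f"directory traversal: {path!r}")
    return path


def _target(old, new, index):
    """Index: is consulted only when both pathname headers are empty/absent."""
    return new or old or index


def naive_paths(text):
    """Pre-fix behaviour: keyed only on '--- ', so an 'Index:'-only or
    '+++ '-only patch yields no pathname, and nothing gets checked."""
    return [_header_path(l) for l in text.splitlines() if l.startswith('--- ')]


def parse_patch(text):
    """Return the target pathnames of every file touched, or raise PatchError."""
    lines = text.splitlines()
    files, old, new, index, in_hunks = [], '', '', '', False
    i = 0
    while i < len(lines):
        line = lines[i]
        m = HUNK_RE.match(line)
        if m:
            # The hunk marker is mandatory, so reaching it means the header,
            # however partial, is complete: resolve and check the target now.
            path = _safe_path(_target(old, new, index))
            old_len = int(m.group(2)) if m.group(2) is not None else 1
            new_len = int(m.group(4)) if m.group(4) is not None else 1
            i += 1
            while old_len > 0 or new_len > 0:      # strict hunk body accounting
                if i >= len(lines):
                    raise PatchError("hunk truncated at EOF")
                body = lines[i]
                if body.startswith('\\'):          # "\ No newline at end of file"
                    pass
                elif body.startswith(' '):
                    old_len -= 1
                    new_len -= 1
                elif body.startswith('-'):
                    old_len -= 1
                elif body.startswith('+'):
                    new_len -= 1
                else:
                    raise PatchError(f"malformed hunk line: {body!r}")
                if old_len < 0 or new_len < 0:
                    raise PatchError("hunk longer than its @@ counts declare")
                i += 1
            if not files or files[-1] != path:
                files.append(path)
            in_hunks = True
            continue
        if line.startswith(HEADER_PREFIXES):
            if in_hunks:                           # header of the next file
                old, new, index, in_hunks = '', '', '', False
            if line.startswith('--- '):
                old = _header_path(line)
            elif line.startswith('+++ '):
                new = _header_path(line)
            else:
                index = _header_path(line)
        i += 1
    if not files:
        raise PatchError("no hunk found: not a valid patch")
    return files


def audit(text):
    """('ok', paths) or ('rejected', reason), for callers that do not want exceptions."""
    try:
        return 'ok', parse_patch(text)
    except PatchError as e:
        return 'rejected', str(e)


# Constructed sample patches; none comes from a real package.
GOOD = "--- a/src/main.c\n+++ b/src/main.c\n@@ -1 +1 @@\n-old\n+new\n"
INDEX_ONLY = "Index: ../../../etc/cron.d/evil\n@@ -0,0 +1 @@\n+* * * * * root id\n"
PLUS_ONLY = "+++ ../../../tmp/owned\n@@ -0,0 +1 @@\n+pwned\n"

if __name__ == '__main__':
    for name, p in (('GOOD', GOOD), ('INDEX_ONLY', INDEX_ONLY), ('PLUS_ONLY', PLUS_ONLY)):
        print(name, 'naive sees', naive_paths(p), '| strict:', audit(p))
```

Both malicious samples leave `naive_paths` with nothing to check, while `parse_patch` rejects them at the first «@@ -» because the resolved pathname contains a `..` component; a hunk whose body is shorter or longer than its `@@` counts declare is rejected as well, which is the "strict hunk parser" property an earlier commit on this page relies on.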
|
This covers the directory traversal issues from CVE-2014-0471 and
CVE-2014-3127.
|
|
Regression introduced in commit c2ee90f92ab6c915db774403414b2ea70c967c3e.
We need to check if the value is empty, not if it's false. Add a
regression test.
|
|
This spurious space is unnecessary and takes a non-insignificant amount
of disk space on archive index files for example.
Update dpkg-dev Breaks on devscripts to version << 2.14.4, as previous
versions of debchange expect a trailing space from dpkg-parsechangelog
output.
Closes: #749044
Based-on-patch-by: Johannes Schauer <j.schauer@email.de>
|
|
|
|
These got missed in commit 7662e0937bb064a0754d12605d80a96a17e2aadf.
The current dpkg code is not using those methods, but external programs
might need them.
|
|
|
|
This at least tests if the module in question can be use'ed correctly,
and gives a more realistic code coverage report.
The remaining modules should be covered by one of their parents.
|
|
Fixes TestingAndDebugging::RequireTestLabels.
Warned-by: perlcritic
|
|
|
|
|
|
|
|
If there's no available module for the requested vendor, try loading
a Parent until one is found, or we fall back to Default.
Closes: #735978
|
|
|
|
Ref: #737731
|
|
This stops the madness of having to invent sequence numbers to be able
to order the test suite run. Instead we now honour the order of the
arguments passed to the runner.
|
|
|
|
The currently available groups are aeabi and gomp.
Closes: #694524
|
|
|
|
This adds the basic infrastructure support for a new class of generic
build-time dependency restrictions, and in particular implements the
specific build profiles, which will allow culling build dependencies
depending on the profile being used. There are several things this can
be used for, like new port bootstrapping, reduced package builds, and
similar. In the future other kinds of restrictions could be added as
the build profiles are namespaced with “profile.”. An example field
could be:
Build-Depends: exotic-compiler, libneeded-dev, tool-tiny,
tool-huge (>= 1.0) [linux-any] <!profile.embedded !profile.bootstrap>
or even stuff like:
Depends: net-tools <profile.network>, plugin-curl <!profile.no-plugins>
The generated binary packages and .changes files will get a new
Built-For-Profiles field containing the active profiles during the build.
In addition the build profile can be selected using the environment
variable DEB_BUILD_PROFILES, with space separated values, such as:
DEB_BUILD_PROFILES="embedded bootstrap"
The management and possible registration in the profile namespace is
currently out of scope in dpkg, this should probably be handled by a
distribution specific process.
See draft <http://www.hadrons.org/~guillem/debian/docs/embedded.proposal>.
Closes: #661538
Based-on-patch-by: Patrick "P. J." McDermott <pjm@nac.net>
Based-on-patch-by: Wookey <wookey@debian.org>
Based-on-patch-by: Johannes Schauer <j.schauer@email.de>
Signed-off-by: Guillem Jover <guillem@debian.org>
|
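An evaluator for the restriction syntax shown in the commit message above, as an added example that is not dpkg's code: it takes the active profiles from DEB_BUILD_PROFILES, drops the dependencies (or alternatives) whose «<…>» list does not hold, and produces the Built-For-Profiles value. It models only what the message shows: one list per dependency or alternative, terms in the «profile.» namespace, «!» for negation. That all terms in one list must hold (AND) is an assumption, and «[arch]» qualifiers are carried through unevaluated.

```python
"""Build-profile restriction evaluator (illustration, not dpkg's code).

Assumed semantics: every term in one <...> list must hold (AND); "!x"
holds when profile x is not active; only the "profile." namespace exists.
"""
import os
import re

RESTRICTION_RE = re.compile(r'<([^>]*)>')


def active_profiles(env=None):
    """DEB_BUILD_PROFILES holds space separated profile names."""
    env = os.environ if env is None else env
    return set(env.get('DEB_BUILD_PROFILES', '').split())


def restriction_holds(terms, active):
    """True when every term of one <...> list is satisfied by `active`."""
    for term in terms:
        negate = term.startswith('!')
        name = term[1:] if negate else term
        if not name.startswith('profile.'):
            raise ValueError(f"unknown restriction namespace in {term!r}")
        profile = name[len('profile.'):]
        if (profile in active) == negate:
            return False
    return True


def _keep_alternative(alt, active):
    """Return the alternative with its <...> markup removed, or None to drop it."""
    m = RESTRICTION_RE.search(alt)
    if not m:
        return alt.strip()
    if not restriction_holds(m.group(1).split(), active):
        return None
    return (alt[:m.start()] + alt[m.end():]).strip()


def cull_dependencies(field, active):
    """Entries of a Build-Depends/Depends field that apply under `active`.

    Continuation lines are folded, entries split on ',', alternatives on '|';
    an entry whose alternatives are all culled disappears entirely."""
    kept = []
    for entry in field.replace('\n', ' ').split(','):
        if not entry.strip():
            continue
        alts = [a for a in (_keep_alternative(x, active) for x in entry.split('|')) if a]
        if alts:
            kept.append(' | '.join(alts))
    return kept


def built_for_profiles(active):
    """Value recorded in the Built-For-Profiles field of the built packages."""
    return ' '.join(sorted(active))


# Constructed sample fields, modelled on the ones in the commit message.
BUILD_DEPENDS = ("exotic-compiler, libneeded-dev, tool-tiny,\n"
                 " tool-huge (>= 1.0) [linux-any] <!profile.embedded !profile.bootstrap>")
DEPENDS = "net-tools <profile.network>, plugin-curl <!profile.no-plugins>"

if __name__ == '__main__':
    for value in ('', 'embedded bootstrap', 'network'):
        active = active_profiles({'DEB_BUILD_PROFILES': value})
        print(f'DEB_BUILD_PROFILES={value!r}')
        print('  Build-Depends:', cull_dependencies(BUILD_DEPENDS, active))
        print('  Depends:      ', cull_dependencies(DEPENDS, active))
        print('  Built-For-Profiles:', built_for_profiles(active))
```

With an empty DEB_BUILD_PROFILES every entry survives (the negated terms all hold); with `embedded bootstrap` the tool-huge entry is culled, and `plugin-curl` disappears only when `no-plugins` is active.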
|
Fixes InputOutput::RequireBracedFileHandleWithPrint.
Warned-by: perlcritic
|
|
This will make it safe to remove parentheses around builtins.
|
|
Fixes InputOutput::RequireCheckedOpen.
Warned-by: perlcritic
|
|
All changed instances are documentation or private code interfaces.
The only remaining variable instance with a regexp name is a publicly
exposed variable, which will eventually disappear once it has gone
through the deprecation process.
|
|
Replace direct usage with accessor functions.
Addresses Variables::ProhibitPackageVars.
Warned-by: perlcritic
|
|
|
|
|
|
Add two trivial list utility functions, mimicking the ones from
List::MoreUtils, as that is not a core module and we want to avoid
the additional dependency.
|
|
|
|
Rename, uppercase and do not export new variables by default, to avoid
cluttering the caller namespace, and to give them consistent names. We'll
keep the old variables for a while, to not break uses from external
modules.
Addresses Variables::ProhibitPackageVars.
|
|
|
|
Do not fix the shlibs conffiles to avoid possible useless prompts.
Fixes CodeLayout::ProhibitTrailingWhitespace.
Warned-by: perlcritic
|
|
Fixes ValuesAndExpressions::ProhibitCommaSeparatedStatements.
Warned-by: perlcritic
|
|
Fixes Objects::ProhibitIndirectSyntax.
Warned-by: perlcritic
|
|
Do not read each line to then join it, just switch on slurp mode and
do it in one go. Use the newly created function file_slurp.
Fixes InputOutput::ProhibitJoinedReadline.
Warned-by: perlcritic
|
|
Fixes ControlStructures::ProhibitCStyleForLoops.
Warned-by: perlcritic
|
|
Using double-quotes imposes a small performance penalty as the perl
parser needs to check if any interpolation is needed. Use double-quotes
only when the string contains single-quotes. Ideally we'd use
double-quotes too for escaped meta-characters that might otherwise be
confusing to immediately see if they need interpolation or not, but the
policy does not (currently) allow ignoring these.
Fixes ValuesAndExpressions::ProhibitInterpolationOfLiterals.
Warned-by: perlcritic
|
|
Addresses ValuesAndExpressions::ProhibitInterpolationOfLiterals.
Warned-by: perlcritic
|
|
Do not quote the keys for any hash which will always use simple
identifiers, as that is taken care of by the => operator. So this does
not apply to overload pragmas, version operators, field names, substvars,
command line options or filenames.
Addresses ValuesAndExpressions::ProhibitInterpolationOfLiterals.
Warned-by: perlcritic
|
|
Fixes InputOutput::ProhibitBarewordFileHandles.
Warned-by: perlcritic
|
|
|
|
|
|
Mark false positives in the perl code so that perlcritic ignores them,
and so that they are documented in-place.
|
|
This marks all these files as script files, so that tools like
perlcritic do not misrecognize them as modules.
|
|
This test is useful for all perl code in the project, not just for the
scripts directory. Move it to the top level directory so that we don't
have to do strange things referencing sibling directories and similar.
|
|
These just clutter the code base, as adding modelines for each possible
editor out there does not scale, and they are currently not exhaustive
anyway.
|
|
Make sure that no fields are injected before a signed block.
Although the only possible attack is to add fields not present in the
signed block, as otherwise a syntax error due to a duplicate field is
triggered.
|
|
Make sure the OpenPGP armor contains a signature block, even on EOF.
This should get detected and rejected by gpgv anyway, but it's better
to check the structure of the message before doing any further parsing
on it.
|
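The two structural checks from the last two commit messages (no fields before the signed block; a complete signature block even at EOF), as one added Python example that is not dpkg's code: it walks a clearsigned control file, rejects anything field-like ahead of the «-----BEGIN PGP SIGNED MESSAGE-----» line and any armor that reaches EOF without a terminated signature block, and only then parses the signed body, where a duplicate field is a syntax error. Signature verification itself is left to gpgv, as the message says; the sample file and its signature base64 are constructed placeholders.

```python
"""Structural checks on a clearsigned control file (illustration, not dpkg's code).

Rejects, before any field parsing: (1) control fields preceding the signed
block and (2) armor that hits EOF without a complete signature block.
The signature itself is gpgv's job; this only checks the shape of the message.
"""
import re

BEGIN_SIGNED = '-----BEGIN PGP SIGNED MESSAGE-----'
BEGIN_SIG = '-----BEGIN PGP SIGNATURE-----'
END_SIG = '-----END PGP SIGNATURE-----'
FIELD_RE = re.compile(r'^([A-Za-z0-9][A-Za-z0-9-]*):\s*(.*)$')


class ControlError(ValueError):
    pass


def signed_body(text):
    """Lines between the armor headers and the signature block, dash-unescaped,
    or ControlError when the structure is not what gpgv would expect."""
    lines = text.splitlines()
    if BEGIN_SIGNED not in lines:
        raise ControlError("no clearsigned block")
    start = lines.index(BEGIN_SIGNED)
    for l in lines[:start]:                      # nothing field-like may precede it
        if FIELD_RE.match(l):
            raise ControlError(f"field injected before signed block: {l!r}")
    i = start + 1
    while i < len(lines) and lines[i] != '':     # armor headers, e.g. "Hash: SHA256"
        i += 1
    if i == len(lines):
        raise ControlError("EOF inside armor headers")
    body = []
    i += 1
    while i < len(lines) and lines[i] != BEGIN_SIG:
        line = lines[i]
        body.append(line[2:] if line.startswith('- ') else line)   # undo dash escaping
        i += 1
    if i == len(lines):
        raise ControlError("EOF before signature block")
    if END_SIG not in lines[i:]:
        raise ControlError("EOF inside signature block")
    end = lines.index(END_SIG, i)
    if any(l.strip() for l in lines[end + 1:]):
        raise ControlError("trailing data after signature block")
    return body


def parse_fields(body):
    """Single-paragraph control parser; a duplicate field is a syntax error."""
    fields, current = {}, None
    for line in body:
        if line.startswith((' ', '\t')) and current:   # continuation line
            fields[current] += '\n' + line
            continue
        m = FIELD_RE.match(line)
        if not m:
            raise ControlError(f"malformed control line: {line!r}")
        name = m.group(1)
        if name in fields:
            raise ControlError(f"duplicate field: {name}")
        fields[name] = m.group(2)
        current = name
    return fields


def audit(text):
    """('ok', fields) or ('rejected', reason)."""
    try:
        return 'ok', parse_fields(signed_body(text))
    except ControlError as e:
        return 'rejected', str(e)


# Constructed sample; the signature base64 is a placeholder, not a real signature.
SIGNED = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: example
Version: 1.0-1
Files:
 d41d8cd98f00b204e9800998ecf8427e 0 example_1.0.orig.tar.gz
-----BEGIN PGP SIGNATURE-----

iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
=AAAA
-----END PGP SIGNATURE-----
"""
INJECTED = "Source: attacker-chosen\n" + SIGNED     # field ahead of the signed block
TRUNCATED = SIGNED.split(BEGIN_SIG)[0]               # EOF before any signature block

if __name__ == '__main__':
    for name, doc in (('SIGNED', SIGNED), ('INJECTED', INJECTED), ('TRUNCATED', TRUNCATED)):
        print(name, audit(doc))
```

Running the three samples shows the intended order of checks: the injected field and the truncated armor are rejected before `parse_fields` ever sees a line, and a second `Source:` inside the signed body is caught by the duplicate-field check rather than silently overriding the first.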