Bug 54810 - dpkg: Multiple issues (5.0)
dpkg: Multiple issues (5.0)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 5.0
All Linux
: P5 normal (vote)
: UCS 5.0-1-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-05-30 11:48 CEST by Quality Assurance
Modified: 2022-06-01 16:51 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 0.0 () NVD


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2022-05-30 11:48:09 CEST
New Debian dpkg 1.19.8 fixes:
This update addresses the following issue:
* dpkg (CVE-2022-1664)
Comment 1 Quality Assurance univentionstaff 2022-05-30 12:02:21 CEST
--- mirror/ftp/pool/main/d/dpkg/dpkg_1.19.7.dsc
+++ apt/ucs_5.0-0-errata5.0-1/source/dpkg_1.19.8.dsc
@@ -1,3 +1,15 @@
+1.19.8 [Tue, 24 May 2022 13:40:09 +0200] Guillem Jover <guillem@debian.org>:
+
+  [ Guillem Jover ]
+  * Perl modules:
+    - Dpkg::Source::Archive: Prevent directory traversal for in-place extracts.
+      Reported by Max Justicz <max@justi.cz>. Fixes CVE-2022-1664.
+  * Build system:
+    - Build gitlab CI images for buster instead of sid.
+
+  [ Updated man pages translations ]
+  * German (Helge Kreutzmann).
+
 1.19.7 [Mon, 03 Jun 2019 23:22:35 +0200] Guillem Jover <guillem@debian.org>:
 
   [ Guillem Jover ]

<http://piuparts.knut.univention.de/5.0-1/#8563863190562056536>
Comment 2 Philipp Hahn univentionstaff 2022-05-30 13:25:44 CEST
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-1] e7b214a7bd Bug #54810: dpkg 1.19.8
 doc/errata/staging/dpkg.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

[5.0-1] 0cd646bb46 Bug #54810: dpkg 1.19.8
 doc/errata/staging/dpkg.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)