Univention Bugzilla – Bug 43147
dpkg: Multiple issues (4.1)
Last modified: 2017-08-31 12:38:48 CEST
The following security update to dpkg was missed in our security tracking:

dpkg (1.16.18) wheezy; urgency=medium

  * Remove trailing space before handling blank line dot-separator in
    Dpkg::Control::Hash. Regression introduced in dpkg 1.16.16.
    Reported by Jakub Wilk <jwilk@debian.org>. Closes: #789580
  * Only use the SHELL environment variable for interactive shells.
    Closes: #788819
  * Move tar option --no-recursion before -T in dpkg-deb. With tar > 1.28
    the --no-recursion option is now positional, and needs to be passed
    before the -T option, otherwise the tarball will end up with duplicated
    entries. Thanks to Richard Purdie <richard.purdie@linuxfoundation.org>.
    Closes: #807940
  * Initialize Config-Version also for packages previously in
    triggers-pending state, otherwise we end up not passing the previously
    configured version to «postinst configure», which might consider this
    a first install instead of an upgrade. Closes: #801156
  * Fix memory leaks in dpkg infodb format upgrade logic.
  * Fix physical file offset comparison in dpkg. Closes: #808912
    Thanks to Yuri Gribov <tetra2005@gmail.com>.
  * Do not accept empty field names in dpkg. Closes: #769111
  * When sys_siglist is defined in the system, try to use NSIG as we cannot
    compute the array size with sizeof(). If NSIG is missing fallback to
    32 items. Prompted by Igor Pashev <pashev.igor@gmail.com>.

 -- Guillem Jover <guillem@debian.org>  Sun, 20 Mar 2016 10:23:24 +0100

dpkg (1.16.17) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Fix an off-by-one write access in dpkg-deb when parsing the .deb magic.
    Reported by Jacek Wielemborek <d33tah@gmail.com>. Closes: #798324
  * Fix an off-by-one write access in dpkg-deb when parsing the old format
    .deb control member size. Thanks to Hanno Böck <hanno@hboeck.de>.
    Fixes CVE-2015-0860.
  * Fix an off-by-one read access in dpkg-deb when parsing ar member names.
    Thanks to Hanno Böck <hanno@hboeck.de>.

  [ Updated programs translations ]
  * Catalan (Jordi Mallach).

  [ Updated man page translations ]
  * Fix incorrect translation in German (Helge Kreutzmann)

 -- Guillem Jover <guillem@debian.org>  Wed, 25 Nov 2015 22:34:58 +0100
Package: dpkg
Version: 1.16.18.105.201612091413
Branch: ucs_4.1-0
Scope: errata4.1-4

r75162 | Bug #43147: dpkg YAML
[Monday, 12 December 2016] [14:39:04] <arvid> phahn: the advisory dpkg.yaml for errata4.1-4 references http://forge.univention.org/bugzilla/show_bug.cgi?id=41965, which is probably blocking Janek for the release.
(In reply to Arvid Requate from comment #2)
> [Monday, 12 December 2016] [14:39:04] <arvid> phahn: the advisory
> dpkg.yaml for errata4.1-4 references
> http://forge.univention.org/bugzilla/show_bug.cgi?id=41965, which is probably
> blocking Janek for the release.

And how is that related to THIS bug?
> And how is that related to THIS bug?

cat dpkg.yaml
===========================================================================
product: ucs
release: "4.1"
version: [3,4]
scope: ucs_4.1-0-errata4.1-4
src: dpkg
fix: 1.16.18.105.201612091413
desc: |
  This update addresses the following issues:
  * An off-by-one write access in dpkg-deb when parsing the old format
    .deb control member size has been fixed (CVE-2015-0860)
  * dpkg did not correctly handle the upgrade case, where a diverted
    conffile was moved between two packages. This has been fixed.
bug: [43147,41965]
cve:
  - CVE-2015-0860
===========================================================================

Bug #41965 is tagged to UCS 4.2 and open, so mentioning it in the advisory will block the errata release.
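As an added example (not part of this bug report or of Univention's release tooling), a small lint that applies the check raised in the comment above: every bug an advisory references must be resolved and belong to the advisory's release, and the CVE list must agree with the description. The advisory dict and the bug-status table are constructed stand-ins for the dpkg.yaml file and for a Bugzilla lookup.

```python
import re

# Constructed sample mirroring the fields of the dpkg.yaml quoted above (not the file itself).
ADVISORY = {
    "product": "ucs",
    "release": "4.1",
    "version": [3, 4],
    "scope": "ucs_4.1-0-errata4.1-4",
    "src": "dpkg",
    "fix": "1.16.18.105.201612091413",
    "desc": "An off-by-one write access in dpkg-deb has been fixed (CVE-2015-0860)",
    "bug": [43147, 41965],
    "cve": ["CVE-2015-0860"],
}

# Constructed, hypothetical tracker snapshot; a real check would query Bugzilla.
# Bug 41965 is open and targets UCS 4.2, as the comment states.
BUG_STATUS = {
    43147: {"status": "RESOLVED", "target": "UCS 4.1"},
    41965: {"status": "NEW", "target": "UCS 4.2"},
}

DONE_STATES = {"RESOLVED", "VERIFIED", "CLOSED"}
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def lint_advisory(adv, bugs):
    """Return release-blocking findings; an empty list means the advisory may ship."""
    findings = []
    target = f"UCS {adv['release']}"
    for bug_id in adv.get("bug", []):
        info = bugs.get(bug_id)
        if info is None:
            findings.append(f"bug {bug_id}: not found in tracker")
            continue
        if info["status"] not in DONE_STATES:
            findings.append(f"bug {bug_id}: still {info['status']}, advisory references an open bug")
        if info["target"] != target:
            findings.append(f"bug {bug_id}: targets {info['target']}, not {target}")
    # Every CVE named in the description must be listed, and every listed CVE explained.
    in_desc = set(CVE_RE.findall(adv.get("desc", "")))
    listed = set(adv.get("cve", []))
    for cve in sorted(in_desc - listed):
        findings.append(f"{cve}: named in desc but missing from cve list")
    for cve in sorted(listed - in_desc):
        findings.append(f"{cve}: listed but not explained in desc")
    # The scope string must belong to the product and release the advisory claims.
    if not adv["scope"].startswith(f"{adv['product']}_{adv['release']}-"):
        findings.append(f"scope {adv['scope']} does not match {adv['product']} {adv['release']}")
    return findings


if __name__ == "__main__":
    for line in lint_advisory(ADVISORY, BUG_STATUS) or ["ok"]:
        print(line)
```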
Ah, now you created Bug 43173 for that, thanks for being cooperative and mentioning that you fixed the yaml or referencing, or assigning the Bug for QA.
<http://errata.software-univention.de/ucs/4.1/356.html>