+Thu Feb 26 01:48:15 GMT 2004 Scott James Remnant <scott@netsplit.com>
+
+ * main/processarc.c (process_archive): Copy code from main/remove.c
+ to ensure that hardlinks to devices, setuid files or setgid files
+ cannot be stashed away in the hope that they become compromisable
+ in the future. This was handled when removing a package, but not
+ when upgrading one.
+
+Thu Feb 26 01:23:13 GMT 2004 Scott James Remnant <scott@netsplit.com>
+
+ * version-nr: Bump to 1.10.18.1
+
+Mon Feb 23 22:46:21 GMT 2004 Scott James Remnant <scott@netsplit.com>
+
+ * dpkg-deb/main.c: Clean up previous badly applied multiline string
+ patch.
+
+Mon Feb 23 01:30:13 CET 2004 Steinar H. Gunderson <sesse@debian.org>
+
+ * main/remove.c: Terminate string buffer correctly.
+
+Fri Feb 20 10:22:24 CET 2004 Colin Watson <cjwatson@debian.org>
+
+ * dpkg-deb/main.c: Don't use multiline strings (a removed GCC extension).
+
Tue Jan 27 20:08:12 CST 2003 Adam Heath <doogie@debian.org>
* debian/control: Update dpkg conflicts to << 1.10, instead of 1.9.
-dpkg (1.10.19) unstable; urgency=medium
+dpkg (1.10.18.1) unstable; urgency=medium
- * Update dpkg conflicts to << 1.10, instead of 1.9. Closes: #190611.
+ * Non-maintainer upload to fix release-critical bugs.
+ * Terminate string buffer in main/remove.c. Closes: #228379.
+ * Prevent stashing of hardlinked devices and setuid or setgid binaries
+ by removing permissions on upgrade as well as on remove.
+ Closes: #225692.
+ * Update dpkg conflicts to << 1.10, instead of 1.9.
+ Closes: #190611, #221989, #222760.
- -- Adam Heath <doogie@debian.org> UNRELEASED
+ -- Scott James Remnant <scott@netsplit.com> Thu, 26 Feb 2004 01:17:27 +0000
dpkg (1.10.18) unstable; urgency=medium
}
static void usage(void) {
- if (fputs(_("\
-Command:\n\
- -b|--build <directory> [<deb>] build an archive.\n\
- -c|--contents <deb> list contents.\n\
- -I|--info <deb> [<cfile>...] show info to stdout.\n\
- -W|--show <deb> show information on package(s)\n\
- -f|--field <deb> [<cfield>...] show field(s) to stdout.\n\
- -e|--control <deb> [<directory>] extract control info.\n\
- -x|--extract <deb> <directory> extract files.\n\
- -X|--vextract <deb> <directory> extract & list files.\n\
- --fsys-tarfile <deb> output filesystem tarfile.\n\
- -h|--help display this message.\n\
- --version | --licence show version/licence.\n\
-\n\
-<deb> is the filename of a Debian format archive.\n\
-<cfile> is the name of an administrative file component.\n\
-<cfield> is the name of a field in the main `control' file.\n\
-\n\
-Options:\n\
- --showformat=<format> use alternative format for --show\n\
- -D enable debugging output\n\
- --old, --new select archive format\n\
- --nocheck suppress control file check (build bad package).\n\
- -z# to set the compression when building\n\
-\n\
-Format syntax:\n\
- A format is a string that will be output for each package. The format\n\
- can include the standard escape sequences \\n (newline), \\r (carriage\n\
- return) or \\\\ (plain backslash). Package information can be included\n\
- by inserting variable references to package fields using the ${var[;width]}\n\
- syntax. Fields will be right-aligned unless the width is negative in which\n\
- case left alignment will be used. \n\
-\n\
-Use `dpkg' to install and remove packages from your system, or\n\
-`dselect' for user-friendly package management. Packages unpacked\n\
-using `dpkg-deb --extract' will be incorrectly installed !\n"),
+ if (fputs(_(
+"Command:\n"
+" -b|--build <directory> [<deb>] build an archive.\n"
+" -c|--contents <deb> list contents.\n"
+" -I|--info <deb> [<cfile>...] show info to stdout.\n"
+" -W|--show <deb> show information on package(s)\n"
+" -f|--field <deb> [<cfield>...] show field(s) to stdout.\n"
+" -e|--control <deb> [<directory>] extract control info.\n"
+" -x|--extract <deb> <directory> extract files.\n"
+" -X|--vextract <deb> <directory> extract & list files.\n"
+" --fsys-tarfile <deb> output filesystem tarfile.\n"
+" -h|--help display this message.\n"
+" --version | --licence show version/licence.\n"
+"\n"
+"<deb> is the filename of a Debian format archive.\n"
+"<cfile> is the name of an administrative file component.\n"
+"<cfield> is the name of a field in the main `control' file.\n"
+"\n"
+"Options:\n"
+" --showformat=<format> use alternative format for --show\n"
+" -D enable debugging output\n"
+" --old, --new select archive format\n"
+" --nocheck suppress control file check (build bad package).\n"
+" -z# to set the compression when building\n"
+"\n"
+"Format syntax:\n"
+" A format is a string that will be output for each package. The format\n"
+" can include the standard escape sequences \\n (newline), \\r (carriage\n"
+" return) or \\\\ (plain backslash). Package information can be included\n"
+" by inserting variable references to package fields using the ${var[;width]}\n"
+" syntax. Fields will be right-aligned unless the width is negative in which\n"
+" case left alignment will be used. \n"
+"\n"
+"Use `dpkg' to install and remove packages from your system, or\n"
+"`dselect' for user-friendly package management. Packages unpacked\n"
+"using `dpkg-deb --extract' will be incorrectly installed !\n"),
stdout) < 0) werr("stdout");
}
projects / dpkg / commitdiff