CVE-2012-0211
Published: 15 February 2012
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package.
Priority
Status
Package | Release | Status |
---|---|---|
devscripts Launchpad, Ubuntu, Debian |
hardy |
Released
(2.10.11ubuntu5.8.04.5)
|
lucid |
Released
(2.10.61ubuntu5.1)
|
|
maverick |
Released
(2.10.67ubuntu1.1)
|
|
natty |
Released
(2.10.69ubuntu2.1)
|
|
oneiric |
Released
(2.11.1ubuntu3.1)
|
|
upstream |
Released
(2.10.69+squeeze2)
|