Oval Definition:oval:org.mitre.oval:def:24869
Revision Date:2014-07-21Version:6
Title:DSA-2915-2 dpkg - security update
Description:Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-0471
DSA-2915-2
Platform(s):Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Debian GNU/Linux 6.0
Debian GNU/Linux 7
Product(s):dpkg
Definition Synopsis
  • Debian 6.0 release section
  • Debian 6.0 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND dpkg DPKG is earlier than 0:1.15.10
  • Debian 7.x release section
  • Debian 7 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND dpkg DPKG is earlier than 0:1.16.14
    • BACK