Code Review / packages / centos6 / dpkg.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Upload upstream dpkg sources (v. 1.15.5.6)
[packages/centos6/dpkg.git] / fedora-fix-CVE-2010-0396-01.patch
diff --git a/fedora-fix-CVE-2010-0396-01.patch b/fedora-fix-CVE-2010-0396-01.patch
new file mode 100644 (file)
index 0000000..c862e05
--- /dev/null
+++ b/fedora-fix-CVE-2010-0396-01.patch
@@ -0,0 +1,11 @@
+diff --git a/scripts/Dpkg/Source/Package/V3/quilt.pm b/scripts/Dpkg/Source/Package/V3/quilt.pm
+--- a/scripts/Dpkg/Source/Package/V3/quilt.pm
++++ b/scripts/Dpkg/Source/Package/V3/quilt.pm
+@@ -123,6 +123,7 @@ sub read_patch_list {
+             }
+         }
+         next if $opts{"skip_auto"} and $_ eq $auto_patch;
++        error(_g("%s contains an insecure path: %s"), $file, $_) if m{(^|/)\.\./};
+         push @patches, $_;
+     }
+     close(SERIES);