• dpkg_1.20.4_amd64.changes ACCEPTED into unstable

    From Debian FTP Masters@21:1/5 to All on Tue Jul 7 09:00:01 2020

    Hash: SHA512

    Format: 1.8
    Date: Tue, 07 Jul 2020 07:57:48 +0200
    Source: dpkg
    Architecture: source
    Version: 1.20.4
    Distribution: unstable
    Urgency: medium
    Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
    Changed-By: Guillem Jover <guillem@debian.org>
    Closes: 870383 964017 964111 964234
    dpkg (1.20.4) unstable; urgency=medium
    [ Guillem Jover ]
    * Improve PIE flags support:
    - Prefix the specs file spec string self_spec with + instead of *.
    This way we do not override any previous setting, otherwise when
    passing the -specs options twice (f.ex. to compile and link), only the
    last one will take effect, which can break the build. Closes: #870383
    * Perl modules:
    - Dpkg::Source::Package: Explicitly initialize constructor options to
    their implicit values, otherwise other code end up assuming different
    defaults. Closes: #964017
    - Dpkg::OpenPGP: Use a temporary directory for the GnuPG homedir in
    verify_signature(), to make sure we do not write to the user home
    directory, except for the trustkeys.db file if present.
    - Dpkg::Path: Refactor new check_directory_traversal() function out of
    - Dpkg::Path: Do not do partial matches for directory traversal checks,
    expect a trailing slash after the base directory name.
    - Dpkg::Path: Catch uncanonicanizable pathnames with a proper error.
    Closes: #964111
    - Dpkg::Path: Do not consider missing symlink targets a directory
    traversal attempt. Closes: #964234
    - Dpkg::Path: Allow /dev/null for directory traversals.
    Reported by Holger Levsen <holger@layer-acht.org>.
    * Build system:
    - Add Module::Signature as configure recommends for CPAN.
    * Test suite:
    - Use File::Path::make_path() instead of chained mkdir() in Dpkg_Path.t.
    - Add unit tests for Dpkg::Path::check_directory_traversal().
    [ Updated programs translations ]
    * German (Sven Joachim).
    12983dabc712157582b2bcff0c1b0e6f1de9e65c 2109 dpkg_1.20.4.dsc
    41a445efe3c51e07b38948defd51e601683a5448 4715020 dpkg_1.20.4.tar.xz
    413c302f34195f09a53ef23943c9ebda3f811802 7501 dpkg_1.20.4_amd64.buildinfo Checksums-Sha256:
    2762a810d5c151316d170bc0ab6e610283e6454c5df5c34edd2fd33d0c79a64a 2109 dpkg_1.20.4.dsc
    3430d76d75b66eeccad8382dad7148e6f46fedce90587964608f0c5c733abe52 4715020 dpkg_1.20.4.tar.xz
    e78395058970d3c8dc03b462de8459104fbe12edc71f88af9c0617264da2bc2b 7501 dpkg_1.20.4_amd64.buildinfo
    19ca3ea2f56ee6cf181a4e5dc14e16e6 2109 admin required dpkg_1.20.4.dsc
    58f92b5d3d464629119148a1fa3eb331 4715020 admin required dpkg_1.20.4.tar.xz
    6b8be7267af03c5acb91430f3d8e2325 7501 admin required dpkg_1.20.4_amd64.buildinfo


    iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAl8EET0ACgkQuXK/PqSu V6Ms6g//Y1YBiJHcObBffo1yrWIVQxmDJx1V52NMjMQcZiJEoRDsCkHJzoBoeyHq VzI807ztMGXpr4P9+2kdgN1N0JcG6vKEB/VtnIbNdoEmIx13RoBM5WVnG04oRevL Sh6lCsFkET/in71O/CO6hpMV5KsNaoXuiLsJwZ3ggTeuKBinRhlCRfphU28gM8hE 8HvM+oBnitmuCLItoOT9MUps4B0LU1cCLf+mpsbKcJiTIZinbH8EyDx5BvNxf4fe avX2++4WTJirlesXkkOh3A/PjwRER6QGJqV24unDDjStQSab2TVKKk5pmna+V0kT ifI8qqOvLDbflT7MAyOklHTxnVK6TDUNSSNC+CyzO/g+vDuFweIpNQF7fcbtMT8w HF37am4F6UjiQiVpKEAhlVPK1dunG37IYZAQWAY069ywQ48WJPc9KdsbuEPSqH8J oAdrdx4OFLwz4KD9c31mMnzPzmJjWNtNMf/rxh0/fHypSbftF1ylVHcmVdy0mk7t 9JdHTS3PV37aQnOS4O450IujaUrbBkSU56By+jfsKaDW9W/nsk0+M2MHHAHfvV4f qNjopmgDbi8CwIZcf8z4aWbXNSWstMa1fXrDQvMPsCDd20qeH9N6Cb//800l5/jF E00ilFm/yykwBgBJxR/ujv7R0sWB3oxnXAN9cMT9cAB8qR2A1ZA=
    -----END PGP SIGNATURE-----

    Thank you for your contribution to Debian.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)