From 0331fa55449e686d0ecba81fdd9d3a1248461a41 Mon Sep 17 00:00:00 2001
From: Holger Hans Peter Freyther <zecke@selfish.org>
Date: Thu, 18 Mar 2010 16:02:01 +0800
Subject: dpkg: Upgrade to 1.14.29 to address a flaw in dpkg-source

Addresses CVE-2010-0396.
---
 .../dpkg/dpkg-1.14.29/ignore_extra_fields.patch    | 24 ++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 recipes/dpkg/dpkg-1.14.29/ignore_extra_fields.patch

(limited to 'recipes/dpkg/dpkg-1.14.29')

diff --git a/recipes/dpkg/dpkg-1.14.29/ignore_extra_fields.patch b/recipes/dpkg/dpkg-1.14.29/ignore_extra_fields.patch
new file mode 100644
index 0000000000..e47af42bc6
--- /dev/null
+++ b/recipes/dpkg/dpkg-1.14.29/ignore_extra_fields.patch
@@ -0,0 +1,24 @@
+ dpkg-deb/build.c |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+Index: dpkg-1.14.23/dpkg-deb/build.c
+===================================================================
+--- dpkg-1.14.23.orig/dpkg-deb/build.c	2008-11-18 10:57:33.000000000 +0000
++++ dpkg-1.14.23/dpkg-deb/build.c	2008-12-15 11:27:08.000000000 +0000
+@@ -243,14 +243,14 @@
+               controlfile, checkedinfo->otherpriority);
+       warns++;
+     }
+-    for (field= checkedinfo->available.arbs; field; field= field->next) {
++    /*for (field= checkedinfo->available.arbs; field; field= field->next) {
+       if (known_arbitrary_field(field))
+         continue;
+ 
+       fprintf(stderr, _("warning, `%s' contains user-defined field `%s'\n"),
+               controlfile, field->name);
+       warns++;
+-    }
++    }*/
+     checkversion(checkedinfo->available.version.version,"(upstream) version",&errs);
+     checkversion(checkedinfo->available.version.revision,"Debian revision",&errs);
+     if (errs) ohshit(_("%d errors in control file"),errs);
-- 
cgit v1.2.3