CVE 2010-0396
Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.
Related bugs and status
CVE-2010-0396 (Candidate) is related to these bugs:
Bug #442114: dpkg gets slower as /var/lib/dpkg/info gets fragmented
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
442114 | dpkg gets slower as /var/lib/dpkg/info gets fragmented | dpkg (Ubuntu) | Wishlist | Fix Released | ||
442114 | dpkg gets slower as /var/lib/dpkg/info gets fragmented | dpkg (Debian) | Undecided | Fix Released |
Bug #512096: [MASTER] Exec format error : package failed to install/remove : installation/removal script returned error exit status 2
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
512096 | [MASTER] Exec format error : package failed to install/remove : installation/removal script returned error exit status 2 | dpkg (Ubuntu) | High | Fix Released | ||
512096 | [MASTER] Exec format error : package failed to install/remove : installation/removal script returned error exit status 2 | dpkg (Debian) | Unknown | Fix Released | ||
512096 | [MASTER] Exec format error : package failed to install/remove : installation/removal script returned error exit status 2 | dpkg (Ubuntu Karmic) | Undecided | Won't Fix |
Bug #532445: Arbitrary diff application hole in upload processor
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
532445 | Arbitrary diff application hole in upload processor | Launchpad itself | High | Invalid | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu) | Critical | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Hardy) | Medium | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Jaunty) | Medium | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Lucid) | Critical | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Dapper) | Medium | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Intrepid) | Medium | Fix Released | ||
532445 | Arbitrary diff application hole in upload processor | dpkg (Ubuntu Karmic) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.