Dpkg 1.19.6 Deleted
Security Advisories
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.
- https://lists.debian.org/debian-security-announce/2022/msg00115.html
- https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be
- https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b
- https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html
- https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5
- https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495
Fixed version: >=1.21.8
Severity: critical
Reported: 2022-05-26
Kwalitee Issues
- has_readme
-
Add a README to the distribution. It should contain a quick description of your module and how to install it.
- has_changelog
-
Add a Changelog (best named 'Changes') to the distribution. It should list at least major changes implemented in newer versions.
- has_license_in_source_file
-
Add =head1 LICENSE and the text of the license to the main module in your code.
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- has_known_license_in_source_file
-
Add =head1 LICENSE and/or the proper text of the well-known license to the main module in your code.
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.01,0.02,0.03,1.00,1.01,1.02,1.03,1.04,1.06
Modules
Name | Abstract | Version | View |
---|---|---|---|
Dpkg | module with core variables | 1.03 | metacpan |
Dpkg::Arch | handle architectures | 1.03 | metacpan |
Dpkg::Build::Env | track build environment | 0.01 | metacpan |
Dpkg::Build::Info | handle build information | 1.00 | metacpan |
Dpkg::Build::Types | track build types | 0.02 | metacpan |
Dpkg::BuildFlags | query build flags | 1.03 | metacpan |
Dpkg::BuildOptions | parse and update build options | 1.02 | metacpan |
Dpkg::BuildProfiles | handle build profiles | 1.00 | metacpan |
Dpkg::Changelog | base class to implement a changelog parser | 1.01 | metacpan |
Dpkg::Changelog::Debian | parse Debian changelogs | 1.00 | metacpan |
Dpkg::Changelog::Entry | represents a changelog entry | 1.01 | metacpan |
Dpkg::Changelog::Entry::Debian | represents a Debian changelog entry | 1.03 | metacpan |
Dpkg::Changelog::Parse | generic changelog parser for dpkg-parsechangelog | 1.03 | metacpan |
Dpkg::Checksums | generate and manipulate file checksums | 1.03 | metacpan |
Dpkg::Compression | simple database of available compression methods | 1.02 | metacpan |
Dpkg::Compression::FileHandle | object dealing transparently with file compression | 1.01 | metacpan |
Dpkg::Compression::Process | run compression/decompression processes | 1.00 | metacpan |
Dpkg::Conf | parse dpkg configuration files | 1.03 | metacpan |
Dpkg::Control | parse and manipulate official control-like information | 1.03 | metacpan |
Dpkg::Control::Changelog | represent info fields output by dpkg-parsechangelog | 1.00 | metacpan |
Dpkg::Control::Fields | manage (list of official) control fields | 1.00 | metacpan |
Dpkg::Control::FieldsCore | manage (list of official) control fields | 1.00 | metacpan |
Dpkg::Control::Hash | parse and manipulate a block of RFC822-like fields | 1.00 | metacpan |
Dpkg::Control::HashCore | parse and manipulate a block of RFC822-like fields | 1.01 | metacpan |
Dpkg::Control::HashCore::Tie | metacpan | ||
Dpkg::Control::Info | parse files like debian/control | 1.01 | metacpan |
Dpkg::Control::Tests | parse files like debian/tests/control | 1.00 | metacpan |
Dpkg::Control::Tests::Entry | represents a test suite entry | 1.00 | metacpan |
Dpkg::Control::Types | export CTRL_* constants | 0.01 | metacpan |
Dpkg::Deps | parse and manipulate dependencies of Debian packages | 1.06 | metacpan |
Dpkg::Deps::AND | list of AND dependencies | 1.00 | metacpan |
Dpkg::Deps::KnownFacts | list of installed real and virtual packages | 1.01 | metacpan |
Dpkg::Deps::Multiple | base module to represent multiple dependencies | 1.02 | metacpan |
Dpkg::Deps::OR | list of OR dependencies | 1.00 | metacpan |
Dpkg::Deps::Simple | represents a single dependency statement | 1.02 | metacpan |
Dpkg::Deps::Union | list of unrelated dependencies | 1.00 | metacpan |
Dpkg::Dist::Files | 0.01 | metacpan | |
Dpkg::ErrorHandling | 0.02 | metacpan | |
Dpkg::Exit | program exit handlers | 1.01 | metacpan |
Dpkg::File | 0.01 | metacpan | |
Dpkg::Getopt | 0.02 | metacpan | |
Dpkg::Gettext | convenience wrapper around Locale::gettext | 1.03 | metacpan |
Dpkg::IPC | helper functions for IPC | 1.02 | metacpan |
Dpkg::Index | generic index of control information | 1.01 | metacpan |
Dpkg::Interface::Storable | common methods related to object serialization | 1.01 | metacpan |
Dpkg::Lock | 0.01 | metacpan | |
Dpkg::OpenPGP | 0.01 | metacpan | |
Dpkg::Package | 0.01 | metacpan | |
Dpkg::Path | some common path handling functions | 1.04 | metacpan |
Dpkg::Shlibs | 0.03 | metacpan | |
Dpkg::Shlibs::Cppfilt | 0.01 | metacpan | |
Dpkg::Shlibs::Objdump | 0.01 | metacpan | |
Dpkg::Shlibs::Objdump::Object | metacpan | ||
Dpkg::Shlibs::Symbol | 0.01 | metacpan | |
Dpkg::Shlibs::SymbolFile | 0.01 | metacpan | |
Dpkg::Source::Archive | 0.01 | metacpan | |
Dpkg::Source::BinaryFiles | 0.01 | metacpan | |
Dpkg::Source::Format | manipulate debian/source/format files | 1.00 | metacpan |
Dpkg::Source::Functions | 0.01 | metacpan | |
Dpkg::Source::Package | manipulate Debian source packages | 1.03 | metacpan |
Dpkg::Source::Package::V1 | 0.01 | metacpan | |
Dpkg::Source::Package::V2 | 0.01 | metacpan | |
Dpkg::Source::Package::V3::Bzr | 0.01 | metacpan | |
Dpkg::Source::Package::V3::Custom | 0.01 | metacpan | |
Dpkg::Source::Package::V3::Git | 0.02 | metacpan | |
Dpkg::Source::Package::V3::Native | 0.01 | metacpan | |
Dpkg::Source::Package::V3::Quilt | 0.01 | metacpan | |
Dpkg::Source::Patch | 0.01 | metacpan | |
Dpkg::Source::Quilt | 0.02 | metacpan | |
Dpkg::Substvars | handle variable substitution in strings | 1.06 | metacpan |
Dpkg::Vars | 0.03 | metacpan | |
Dpkg::Vendor | get access to some vendor specific information | 1.01 | metacpan |
Dpkg::Vendor::Debian | Debian vendor object | 0.01 | metacpan |
Dpkg::Vendor::Default | default vendor object | 0.01 | metacpan |
Dpkg::Vendor::Ubuntu | Ubuntu vendor object | 0.01 | metacpan |
Dpkg::Version | handling and comparing dpkg-style version numbers | 1.02 | metacpan |
Test::Dpkg | metacpan |