diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 05:49:49 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 05:49:49 +0000 |
| commit | 81effa2f6c071dcdf63e9e030d79ca1f0158e9b2 (patch) | |
| tree | ec227a684f959c7c057ddfaca234deef34523e8d | |
| parent | Merging upstream version 1.3.2. (diff) | |
| download | powerline-gitstatus-debian.tar.xz powerline-gitstatus-debian.zip | |
Adding debian version 1.3.2-0+deb10u1.debian/1.3.2-0+deb10u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/changelog | 37 | ||||
| -rw-r--r-- | debian/compat | 1 | ||||
| -rw-r--r-- | debian/control | 18 | ||||
| -rw-r--r-- | debian/gbp.conf | 19 | ||||
| -rw-r--r-- | debian/salsa-ci.yml | 4 |
5 files changed, 67 insertions, 12 deletions
diff --git a/debian/changelog b/debian/changelog index 29bde8b..ecaef81 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,40 @@ +powerline-gitstatus (1.3.2-0+deb10u1) buster-security; urgency=high + + * Non-maintainer upload by the LTS team. + * Fix CVE-2022-42906: + Powerline Gitstatus, a statusline plugin for the VIM editor, allows + arbitrary code execution. Git repositories can contain per-repository + configuration that changes the behavior of git, including running arbitrary + commands. When using powerline-gitstatus, changing to a directory + automatically runs git commands in order to display information about the + current repository in the prompt. If an attacker can convince a user to + change their current directory to one controlled by the attacker, such as + in a shared filesystem or extracted archive, powerline-gitstatus will run + arbitrary commands under the attacker's control. + + -- Markus Koschany <apo@debian.org> Fri, 20 Jan 2023 16:46:31 +0100 + +powerline-gitstatus (1.3.2-0+deb11u1) bullseye; urgency=medium + + * New upstream version 1.3.2 + - Fix command injection via malicious repository config (CVE-2022-42906) + + -- Jérôme Charaoui <jerome@riseup.net> Wed, 26 Oct 2022 22:54:03 -0400 + +powerline-gitstatus (1.3.1-2) unstable; urgency=medium + + [ Jann Haber ] + * Remove python2 stuff from build-deps, since not used anyway + (Closes: #937314) + + [ Samuel Henrique ] + * Use debhelper-compat 13 + * Bump Standards-Version to 4.5.0 + * Add d/salsa-ci.yml and d/gbp.conf + * d/control: Switch maintenance to PAPT team and add myself as an uploader + + -- Samuel Henrique <samueloph@debian.org> Wed, 08 Jul 2020 21:17:05 +0100 + powerline-gitstatus (1.3.1-1) unstable; urgency=medium [ Daniel Baumann ] diff --git a/debian/compat b/debian/compat deleted file mode 100644 index 48082f7..0000000 --- a/debian/compat +++ /dev/null @@ -1 +0,0 @@ -12 diff --git a/debian/control b/debian/control index 9386546..58a7415 100644 --- a/debian/control +++ b/debian/control @@ -1,23 +1,23 @@ Source: powerline-gitstatus Section: python Priority: optional -Maintainer: Jerome Charaoui <jerome@riseup.net> +Maintainer: Python Applications Packaging Team <python-apps-team@lists.alioth.debian.org> +Uploaders: Jerome Charaoui <jerome@riseup.net>, + Samuel Henrique <samueloph@debian.org> Build-Depends: - debhelper (>= 12), + debhelper-compat (= 12), dh-python, powerline (>= 2.6), - python-all, - python-setuptools, python3-all, python3-powerline, python3-setuptools, Build-Conflicts: powerline-gitstatus, Rules-Requires-Root: no -Standards-Version: 4.3.0 +Standards-Version: 4.5.0 Homepage: https://github.com/jaspernbrouwer/powerline-gitstatus -Vcs-Browser: https://salsa.debian.org/lavamind/powerline-gitstatus -Vcs-Git: https://salsa.debian.org/lavamind/powerline-gitstatus.git +Vcs-Browser: https://salsa.debian.org/python-team/applications/powerline-gitstatus +Vcs-Git: https://salsa.debian.org/python-team/applications/powerline-gitstatus.git Package: powerline-gitstatus Architecture: all @@ -26,8 +26,6 @@ Depends: powerline ${powerline:Version}, python3-powerline-gitstatus, ${misc:Depends}, -Built-Using: - ${built-using}, Description: Powerline Git segment Powerline is a statusline plugin for vim, and provides statuslines and prompts for several other applications, including zsh, bash, tmux, @@ -41,8 +39,6 @@ Depends: python3-powerline ${powerline:Version}, ${misc:Depends}, ${python3:Depends}, -Built-Using: - ${built-using}, Description: Powerline Git segment for Python (3.x) Powerline is a statusline plugin for vim, and provides statuslines and prompts for several other applications, including zsh, bash, tmux, diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..6cbc70d --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,19 @@ +[DEFAULT] +debian-branch=debian/master +pristine-tar = True +cleaner = /bin/true + +[buildpackage] +sign-tags = True +export-dir = ../build-area/ +ignore-branch = True + +[import-orig] +filter-pristine-tar = True + +[pq] +patch-numbers = False + +[dch] +multimaint-merge = True +ignore-branch = True diff --git a/debian/salsa-ci.yml b/debian/salsa-ci.yml new file mode 100644 index 0000000..33c3a64 --- /dev/null +++ b/debian/salsa-ci.yml @@ -0,0 +1,4 @@ +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml |