CVE-2013-7325

Published: 03 December 2019

An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
devscripts
Launchpad, Ubuntu, Debian
Upstream
Released (2.13.9)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(2.14.1)
Patches:
Upstream: http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=4b7e58ee6000cdefac0682601cec6ecce0137467

Notes

AuthorNote
mdeslaur
fixed as part of backport for USN-2084-1

References