Wed Dec 30 12:47:57 2015 UTC ()
Update dpkg to 1.16.17. This fixes several security issues.

dpkg (1.16.17) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Fix an off-by-one write access in dpkg-deb when parsing the .deb magic.
    Reported by Jacek Wielemborek <d33tah@gmail.com>. Closes: #798324
  * Fix an off-by-one write access in dpkg-deb when parsing the old format
    .deb control member size. Thanks to Hanno Böck <hanno@hboeck.de>.
    Fixes CVE-2015-0860.
  * Fix an off-by-one read access in dpkg-deb when parsing ar member names.
    Thanks to Hanno Böck <hanno@hboeck.de>.

  [ Updated programs translations ]
  * Catalan (Jordi Mallach).

  [ Updated man page translations ]
  * Fix incorrect translation in German (Helge Kreutzmann)

 -- Guillem Jover <guillem@debian.org>  Wed, 25 Nov 2015 22:34:58 +0100

dpkg (1.16.16) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Do not leak long tar names on bogus or truncated archives.
  * Do not leak the filepackages iterator when a directory is used by other
    packages.
  * Do not leak color string on «dselect --color».
  * Fix memory leaks when parsing alternatives.
  * Fix memory leaks in buffer_copy() on error conditions.
  * Fix possible out of bounds buffer read access in the error output on
    bogus ar member sizes.
  * Fix file triggers/Unincorp descriptor leak on subprocesses. Regression
    introduced with the initial triggers implementation in dpkg 1.14.17.
    Closes: #751021
  * Fix a descriptor leak on dselect subprocesses when --debug is used.
  * Do not run qsort() over the scandir() list in libcompat if it is NULL.
  * Fix off-by-one stack buffer overrun in start-stop-daemon on GNU/Linux and
    GNU/kFreeBSD if the executable pathname is longer than _POSIX_PATH_MAX.
    Although this should not have security implications as the buffer is
    surrounded by two arrays (so those catch accesses even if the stack
    grows up or down), and we are compiling with -fstack-protector anyway.
  * Add a workaround to start-stop-daemon for bogus OpenVZ Linux kernels that
    prepend, instead of appending, the " (deleted)" marker in /proc/PID/exe.
    Closes: #731530
  * Fix off-by-one error in libdpkg command argv size calculation.
    Based on a patch by Bálint Réczey <balint@balintreczey.hu>. Closes: #760690
  * Escape package and architecture names on control file parsing warning,
    as those get injected into a variable that is used as a format string,
    and they come from the package fields, which are under user control.
    Regression introduced in dpkg 1.16.0. Fixes CVE-2014-8625. Closes: #768485
    Reported by Joshua Rogers <megamansec@gmail.com>.
  * Do not match partial field names in control files. Closes: #769119
    Regression introduced in dpkg 1.10.
  * Fix out-of-bounds buffer read accesses when parsing field and trigger
    names or checking package ownership of conffiles and directories.
    Reported by Joshua Rogers <megamansec@gmail.com>.
  * Add powerpcel support to cputable. Thanks to Jae Junh <jaejunh@embian.com>.
  * Fix OpenPGP Armor Header Line parsing in Dpkg::Control::Hash. We should
    only accept [\r\t ] as trailing whitespace, although RFC4880 does not
    clarify what whitespace really maps to, we should really match the GnuPG
    implementation anyway, as that's what we use to verify the signatures.
    Reported by Jann Horn <jann@thejh.net>. Fixes CVE-2015-0840.

  [ Raphaël Hertzog ]
  * Drop myself from Uploaders.

  [ Updated scripts translations ]
  * Fix typos in German (Helge Kreutzmann)
  * Swedish (Peter Krefting).

  [ Updated man page translations ]
  * Fix typos in German (Helge Kreutzmann)
  * Swedish (Peter Krefting).

 -- Guillem Jover <guillem@debian.org>  Thu, 09 Apr 2015 08:45:47 +0200

dpkg (1.16.15) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Test suite:
    - Add test cases for Dpkg::Source::Patch CVE-2014-0471 and CVE-2014-3127.
    - Add test case for patch disabling hunks; not security sensitive.
  * Correctly parse patch headers in Dpkg::Source::Patch, to avoid directory
    traversal attempts from hostile source packages when unpacking them.
    Reported by Javier Serrano Polo <javier@jasp.net> as an unspecified
    directory traversal; meanwhile also independently found by me both
    #749183 and what was supposed to be #746498, which was later on published
    and ended up being just a subset of the other non-reported issue.
    Fixes CVE-2014-3864 and CVE-2014-3865. Closes: #746498, #749183

  [ Updated programs translations ]
  * Merge translated strings from master.

  [ Updated scripts translations ]
  * German (Helge Kreutzmann).

  [ Updated man page translations ]
  * Merge translated strings from master.
  * Unfuzzy or update trivial translations (Guillem Jover).

 -- Guillem Jover <guillem@debian.org>  Thu, 05 Jun 2014 22:24:36 +0200

dpkg (1.16.14) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Do not allow patch files with C-style encoded filenames. Closes: #746306
    Fixes CVE-2014-3127 and unconditionally fixes CVE-2014-0471.
    Reported by Javier Serrano Polo <javier@jasp.net>.

  [ Updated scripts translations ]
  * German (Helge Kreutzmann).

  [ Updated man page translations ]
  * German (Helge Kreutzmann).

 -- Guillem Jover <guillem@debian.org>  Wed, 30 Apr 2014 08:14:16 +0200

dpkg (1.16.13) wheezy-security; urgency=high

  [ Guillem Jover ]
  * Do not NULL-terminate the list in the compat scandir(), as this might
    cause a segfault in case the function returns 0 entries.
  * Do not generate perl warnings on undef versions in
    Dpkg::Deps::deps_compare(). See: #737731
  * Do not overwrite triplet mappings with latter matches in Dpkg::Arch.
    Required for the new mipsn32(el) and mips64(el) architecture entries.
  * Add support for mipsn32(el) and mips64(el) to arch tables.
    Thanks to YunQiang Su <wzssyqa@gmail.com>. Closes: #685096, #707323
  * Add ppc64el support to cputable. Closes: #718945
    Thanks to Jeff Bailey <jeffbailey@google.com>.
  * Add OpenRISC or1k support to cputable.
    Thanks to Christian Svensson <christian@cmd.nu>. Closes: #736717
  * Clarify that dpkg --set-selections needs an up-to-date available db,
    by documenting it on the dpkg(1) man page, and warning whenever dpkg
    finds unknown packages while setting the selections. Closes: #703092
  * Improve documentation on how to update the available database before
    setting package selections. Suggested by Klaus Ita <koki.eml@gmail.com>.
  * Recognize «start-stop-daemon -C» as documented. Closes: #719746
    Reported by Brian S. Julin <bri@abrij.org>.
  * Correctly parse C-style diff filenames in Dpkg::Source::Patch, to avoid
    directory traversal attempts from hostile source packages when unpacking
    them. Reported by Jakub Wilk <jwilk@debian.org>. Fixes CVE-2014-0471.

  [ Updated scripts translations ]
  * Fix a typo in the German scripts translation.

  [ Updated man page translations ]
  * Fix and unify translation in German man pages.

 -- Guillem Jover <guillem@debian.org>  Fri, 25 Apr 2014 04:38:33 +0200

dpkg (1.16.12) stable; urgency=low

  * Fix value caching in Dpkg::Arch by not shadowing the variables.
    Closes: #724949

 -- Guillem Jover <guillem@debian.org>  Mon, 30 Sep 2013 16:52:37 +0200

dpkg (1.16.11) stable; urgency=low

  [ Raphaël Hertzog ]
  * Fix usage of non-existent _() function in multiple places of the Perl
    code. Thanks to Lincoln Myers <lincoln@netapp.com> for the patch.
    Closes: #708607

  [ Guillem Jover ]
  * Fix chmod() arguments order in Dpkg::Source::Quilt. Closes: #710265
    Thanks to Pablo Oliveira <pablo@sifflez.org>.
  * Only ignore older packages if the existing version is informative. This
    allows any program using libdpkg to parse the available file to see again
    packages with versions lesser than 0-0 (like 0~0-0). Closes: #676664
  * Fix use after free in dpkg_arch_load_list() on libdpkg.
    Reported by Pedro Ribeiro <pedrib@gmail.com>.

  [ Updated programs translations ]
  * Vietnamese (Trần Ngọc Quân). Closes: #715334

  [ Added man page translations ]
  * Italian (Beatrice Torracca). Closes: #711647

  [ Updated man page translations ]
  * Japanese (TAKAHASHI Motonobu). Closes: #704240

 -- Guillem Jover <guillem@debian.org>  Mon, 23 Sep 2013 16:51:18 +0200


(bsiegert)
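The 1.16.16 entry above says an OpenPGP armor header line should be accepted only with `[\r\t ]` as trailing whitespace, so that dpkg's parser agrees with GnuPG, the implementation that actually verifies the signature. This Python splitter is an added illustration, not dpkg's own code: it applies that rule while splitting a clearsigned document into its signed body and signature block, and shows how a looser whitespace class would classify the same line differently. The sample document and the loose pattern are constructed for the example.

```python
import re

# Trailing whitespace dpkg 1.16.16 accepts after an armor line (per the
# changelog entry). LOOSE_WS is illustrative only, not dpkg's earlier code:
# it shows where a parser using a generic whitespace class would diverge.
STRICT_WS = r"[\r\t ]*$"
LOOSE_WS = r"\s*$"
BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


def is_armor_line(line, marker, strict=True):
    """True if line is exactly marker plus permitted trailing whitespace."""
    ws = STRICT_WS if strict else LOOSE_WS
    return re.match(re.escape(marker) + ws, line) is not None


def split_clearsigned(text, strict=True):
    """Return (body_lines, signature_block_lines), or None without armor.

    Body lines are dash-unescaped ("- " prefix dropped, RFC 4880 section 7.1).
    Lines are split on newline characters only, not with splitlines(), so a
    stray control byte stays on its line and is judged by the whitespace rule.
    """
    ws = STRICT_WS if strict else LOOSE_WS
    state, body, sig = "preamble", [], []
    for line in text.split("\n"):
        if state == "preamble" and is_armor_line(line, BEGIN_SIGNED, strict):
            state = "headers"           # armor headers such as "Hash: SHA256"
        elif state == "headers" and re.match(ws, line):
            state = "body"              # first blank line ends the headers
        elif state == "body":
            if is_armor_line(line, BEGIN_SIG, strict):
                state = "signature"
            else:
                body.append(line[2:] if line.startswith("- ") else line)
        elif state == "signature":
            if is_armor_line(line, END_SIG, strict):
                return body, sig
            sig.append(line)
    return None                         # armor never opened or never closed


# Constructed .dsc-style sample; the signature data is a placeholder.
SAMPLE = "\n".join([
    BEGIN_SIGNED, "Hash: SHA256", "",
    "Format: 3.0 (quilt)", "Source: example",
    "- " + BEGIN_SIG,                   # dash-escaped body line, not armor
    BEGIN_SIG, "", "iQEzBAEBCAAdFiEEconstructed", END_SIG, "",
])
# Same document with a form feed after the first armor line.
SAMPLE_FF = SAMPLE.replace(BEGIN_SIGNED + "\n", BEGIN_SIGNED + "\x0c\n", 1)
```

Under the strict rule the form-feed variant is not recognised as clearsigned at all, while the loose pattern accepts it; that divergence between what a parser and what the signature verifier consider an armor line is exactly what the fix removes.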
diff -r1.33 -r1.34 pkgsrc/misc/dpkg/Makefile
diff -r1.8 -r1.9 pkgsrc/misc/dpkg/PLIST
diff -r1.8 -r1.9 pkgsrc/misc/dpkg/distinfo

cvs diff -r1.33 -r1.34 pkgsrc/misc/dpkg/Makefile

--- pkgsrc/misc/dpkg/Makefile 2015/08/18 07:31:13 1.33
+++ pkgsrc/misc/dpkg/Makefile 2015/12/30 12:47:57 1.34
@@ -1,37 +1,36 @@ @@ -1,37 +1,36 @@
1# $NetBSD: Makefile,v 1.33 2015/08/18 07:31:13 wiz Exp $ 1# $NetBSD: Makefile,v 1.34 2015/12/30 12:47:57 bsiegert Exp $
2# 2#
3 3
4DISTNAME= dpkg_1.16.10 4DISTNAME= dpkg_1.16.17
5PKGNAME= ${DISTNAME:S/_/-/} 5PKGNAME= ${DISTNAME:S/_/-/}
6PKGREVISION= 4 
7CATEGORIES= misc 6CATEGORIES= misc
8MASTER_SITES= ${MASTER_SITE_DEBIAN:=pool/main/d/dpkg/} 7MASTER_SITES= ${MASTER_SITE_DEBIAN:=pool/main/d/dpkg/}
9EXTRACT_SUFX= .tar.xz 8EXTRACT_SUFX= .tar.xz
10 9
11MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
12HOMEPAGE= http://wiki.debian.org/Teams/Dpkg 11HOMEPAGE= http://wiki.debian.org/Teams/Dpkg
13COMMENT= Package maintenance system for Debian 12COMMENT= Package maintenance system for Debian
14LICENSE= gnu-gpl-v2 13LICENSE= gnu-gpl-v2
15 14
16BUILD_DEPENDS+= po4a>=0:../../textproc/po4a 15BUILD_DEPENDS+= po4a>=0:../../textproc/po4a
17 16
18WRKSRC= ${WRKDIR}/${PKGNAME_NOREV} 17WRKSRC= ${WRKDIR}/${PKGNAME_NOREV}
19BUILD_DEFS+= VARBASE 18BUILD_DEFS+= VARBASE
20 19
21USE_PKGLOCALEDIR= yes 20USE_PKGLOCALEDIR= yes
22GNU_CONFIGURE= yes 21GNU_CONFIGURE= yes
23USE_LANGUAGES= c c++ 22USE_LANGUAGES= c c++
24USE_TOOLS+= gmake msgfmt perl:run gtar:run 23USE_TOOLS+= gmake msgfmt perl:run gtar:run pod2man
25USE_NCURSES= yes # needs tigetstr() 24USE_NCURSES= yes # needs tigetstr()
26 25
27REPLACE_PERL= scripts/*.pl 26REPLACE_PERL= scripts/*.pl
28REPLACE_PERL+= dselect/methods/ftp/install 27REPLACE_PERL+= dselect/methods/ftp/install
29REPLACE_PERL+= dselect/methods/ftp/setup 28REPLACE_PERL+= dselect/methods/ftp/setup
30REPLACE_PERL+= dselect/methods/ftp/update 29REPLACE_PERL+= dselect/methods/ftp/update
31 30
32CONFIGURE_ARGS+= --with-zlib 31CONFIGURE_ARGS+= --with-zlib
33CONFIGURE_ARGS+= --disable-start-stop-daemon 32CONFIGURE_ARGS+= --disable-start-stop-daemon
34CONFIGURE_ARGS+= --with-admindir=${VARBASE}/db/dpkg 33CONFIGURE_ARGS+= --with-admindir=${VARBASE}/db/dpkg
35CONFIGURE_ARGS+= --sysconfdir=${PREFIX}/share/dpkg 34CONFIGURE_ARGS+= --sysconfdir=${PREFIX}/share/dpkg
36# or uses GCC version specific warning flags unconditionally.  35# or uses GCC version specific warning flags unconditionally.
37CONFIGURE_ARGS+= --disable-compiler-warnings 36CONFIGURE_ARGS+= --disable-compiler-warnings
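Review bot: the USE_TOOLS+= line gains pod2man (next to gmake, msgfmt, perl:run and gtar:run) and this is the only functional build change besides the DISTNAME bump, yet the commit message says only that the package was updated; a short note on why 1.16.17 needs pod2man, either in the message or as a comment beside the line, would save the next updater from rediscovering it. Dropping PKGREVISION= 4 together with the DISTNAME change is correct, since a new distfile starts again at revision zero. Note also that the start-stop-daemon fixes in the changelog do not reach this package, because CONFIGURE_ARGS still passes --disable-start-stop-daemon.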

cvs diff -r1.8 -r1.9 pkgsrc/misc/dpkg/PLIST

--- pkgsrc/misc/dpkg/PLIST 2013/06/14 11:15:16 1.8
+++ pkgsrc/misc/dpkg/PLIST 2015/12/30 12:47:57 1.9
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.8 2013/06/14 11:15:16 obache Exp $ 1@comment $NetBSD: PLIST,v 1.9 2015/12/30 12:47:57 bsiegert Exp $
2bin/dpkg 2bin/dpkg
3bin/dpkg-architecture 3bin/dpkg-architecture
4bin/dpkg-buildflags 4bin/dpkg-buildflags
5bin/dpkg-buildpackage 5bin/dpkg-buildpackage
6bin/dpkg-checkbuilddeps 6bin/dpkg-checkbuilddeps
7bin/dpkg-deb 7bin/dpkg-deb
8bin/dpkg-distaddfile 8bin/dpkg-distaddfile
9bin/dpkg-divert 9bin/dpkg-divert
10bin/dpkg-genchanges 10bin/dpkg-genchanges
11bin/dpkg-gencontrol 11bin/dpkg-gencontrol
12bin/dpkg-gensymbols 12bin/dpkg-gensymbols
13bin/dpkg-maintscript-helper 13bin/dpkg-maintscript-helper
14bin/dpkg-mergechangelogs 14bin/dpkg-mergechangelogs
@@ -263,36 +263,71 @@ man/fr/man5/deb-split.5 @@ -263,36 +263,71 @@ man/fr/man5/deb-split.5
263man/fr/man5/deb-src-control.5 263man/fr/man5/deb-src-control.5
264man/fr/man5/deb-substvars.5 264man/fr/man5/deb-substvars.5
265man/fr/man5/deb-symbols.5 265man/fr/man5/deb-symbols.5
266man/fr/man5/deb-triggers.5 266man/fr/man5/deb-triggers.5
267man/fr/man5/deb-version.5 267man/fr/man5/deb-version.5
268man/fr/man5/deb.5 268man/fr/man5/deb.5
269man/fr/man5/dpkg.cfg.5 269man/fr/man5/dpkg.cfg.5
270man/fr/man5/dselect.cfg.5 270man/fr/man5/dselect.cfg.5
271man/fr/man8/dpkg-divert.8 271man/fr/man8/dpkg-divert.8
272man/fr/man8/dpkg-statoverride.8 272man/fr/man8/dpkg-statoverride.8
273man/fr/man8/update-alternatives.8 273man/fr/man8/update-alternatives.8
274man/hu/man5/dpkg.cfg.5 274man/hu/man5/dpkg.cfg.5
275man/hu/man5/dselect.cfg.5 275man/hu/man5/dselect.cfg.5
 276man/it/man1/dpkg-buildpackage.1
 277man/it/man1/dpkg-checkbuilddeps.1
 278man/it/man1/dpkg-deb.1
 279man/it/man1/dpkg-distaddfile.1
 280man/it/man1/dpkg-name.1
 281man/it/man1/dpkg-parsechangelog.1
 282man/it/man1/dpkg-query.1
 283man/it/man1/dpkg-scanpackages.1
 284man/it/man1/dpkg-scansources.1
 285man/it/man1/dpkg-split.1
 286man/it/man1/dpkg-vendor.1
 287man/it/man1/dpkg.1
 288man/it/man1/dselect.1
 289man/it/man5/deb-control.5
 290man/it/man5/deb-extra-override.5
 291man/it/man5/deb-old.5
 292man/it/man5/deb-origin.5
 293man/it/man5/deb-override.5
 294man/it/man5/deb-shlibs.5
 295man/it/man5/deb-split.5
 296man/it/man5/deb-src-control.5
 297man/it/man5/deb-substvars.5
 298man/it/man5/deb-version.5
 299man/it/man5/deb.5
 300man/it/man5/dpkg.cfg.5
 301man/it/man5/dselect.cfg.5
 302man/it/man8/dpkg-statoverride.8
 303man/it/man8/update-alternatives.8
276man/ja/man1/dpkg-architecture.1 304man/ja/man1/dpkg-architecture.1
277man/ja/man1/dpkg-buildflags.1 305man/ja/man1/dpkg-buildflags.1
278man/ja/man1/dpkg-buildpackage.1 306man/ja/man1/dpkg-buildpackage.1
 307man/ja/man1/dpkg-checkbuilddeps.1
279man/ja/man1/dpkg-deb.1 308man/ja/man1/dpkg-deb.1
280man/ja/man1/dpkg-distaddfile.1 309man/ja/man1/dpkg-distaddfile.1
 310man/ja/man1/dpkg-genchanges.1
 311man/ja/man1/dpkg-gencontrol.1
281man/ja/man1/dpkg-gensymbols.1 312man/ja/man1/dpkg-gensymbols.1
 313man/ja/man1/dpkg-maintscript-helper.1
282man/ja/man1/dpkg-mergechangelogs.1 314man/ja/man1/dpkg-mergechangelogs.1
283man/ja/man1/dpkg-name.1 315man/ja/man1/dpkg-name.1
 316man/ja/man1/dpkg-parsechangelog.1
 317man/ja/man1/dpkg-query.1
284man/ja/man1/dpkg-scanpackages.1 318man/ja/man1/dpkg-scanpackages.1
285man/ja/man1/dpkg-scansources.1 319man/ja/man1/dpkg-scansources.1
 320man/ja/man1/dpkg-shlibdeps.1
286man/ja/man1/dpkg-source.1 321man/ja/man1/dpkg-source.1
287man/ja/man1/dpkg-split.1 322man/ja/man1/dpkg-split.1
288man/ja/man1/dpkg-trigger.1 323man/ja/man1/dpkg-trigger.1
289man/ja/man1/dpkg-vendor.1 324man/ja/man1/dpkg-vendor.1
290man/ja/man1/dpkg.1 325man/ja/man1/dpkg.1
291man/ja/man1/dselect.1 326man/ja/man1/dselect.1
292man/ja/man5/deb-control.5 327man/ja/man5/deb-control.5
293man/ja/man5/deb-extra-override.5 328man/ja/man5/deb-extra-override.5
294man/ja/man5/deb-old.5 329man/ja/man5/deb-old.5
295man/ja/man5/deb-origin.5 330man/ja/man5/deb-origin.5
296man/ja/man5/deb-override.5 331man/ja/man5/deb-override.5
297man/ja/man5/deb-shlibs.5 332man/ja/man5/deb-shlibs.5
298man/ja/man5/deb-split.5 333man/ja/man5/deb-split.5
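Review bot: the new man/it/ block lists noticeably fewer pages than the neighbouring man/fr/ and man/ja/ sets (there is, for example, no man/it/man1/dpkg-architecture.1, man/it/man1/dpkg-source.1 or man/it/man8/dpkg-divert.8), which is plausible for a partial Italian translation but should be confirmed against what the build actually installs, for instance by regenerating the list with make print-PLIST, since missing or extra entries break the package. The added man/ja/ entries (dpkg-checkbuilddeps.1, dpkg-genchanges.1, dpkg-gencontrol.1, dpkg-maintscript-helper.1, dpkg-parsechangelog.1, dpkg-query.1, dpkg-shlibdeps.1) match the Japanese man page update recorded in the 1.16.11 changelog entry.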

cvs diff -r1.8 -r1.9 pkgsrc/misc/dpkg/distinfo

--- pkgsrc/misc/dpkg/distinfo 2015/11/03 23:49:34 1.8
+++ pkgsrc/misc/dpkg/distinfo 2015/12/30 12:47:57 1.9
@@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
1$NetBSD: distinfo,v 1.8 2015/11/03 23:49:34 agc Exp $ 1$NetBSD: distinfo,v 1.9 2015/12/30 12:47:57 bsiegert Exp $
2 2
3SHA1 (dpkg_1.16.10.tar.xz) = bd67ce10236a674a2349d13feaa096b41fea4c9c 3SHA1 (dpkg_1.16.17.tar.xz) = 2573b422a5aa67464c53dabc4eeb43ff44f7b040
4RMD160 (dpkg_1.16.10.tar.xz) = e04b3834056cd97c1cb955007f02e1358a8e8fa0 4RMD160 (dpkg_1.16.17.tar.xz) = 28b52798d5c6a86833ee732326ddc8b2e21bd73f
5SHA512 (dpkg_1.16.10.tar.xz) = cd7b1159c2071f48f2e369e03b8a3d1f00366bcdabab2ef4c33700e8f3230db5c9991e5937331f7f66f616d2bb798efec12e572af5724e1c9809beb9d5ae627e 5SHA512 (dpkg_1.16.17.tar.xz) = 1d14049ac6d84bcb593880a630c09cfcdb0c60e180bd47569d7e1a13e1cb337b6c4f5d815d242d5ecfedc9e3b034a2ae9129951feb05260389012793f9fa41c8
6Size (dpkg_1.16.10.tar.xz) = 3703340 bytes 6Size (dpkg_1.16.17.tar.xz) = 3806316 bytes
7SHA1 (patch-aa) = a7d40af564ae6f95357450026ed75236918cb5ff 7SHA1 (patch-aa) = a7d40af564ae6f95357450026ed75236918cb5ff
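Review bot: patch-aa keeps the same SHA1 while the distfile moves from 1.16.10 to 1.16.17, which only records that the patch file itself is unchanged, not that it still applies to the new sources; worth confirming that it was re-applied against 1.16.17 and that it is still needed, since several of the fixes in the changelog touch the same areas a local patch typically does. The distfile entry itself is complete, with SHA1, RMD160, SHA512 and Size all updated together for dpkg_1.16.17.tar.xz.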