Candidate: CVE-2015-5705
PublicDate: 2017-09-06 21:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5705
Description:
 Argument injection vulnerability in devscripts before 2.15.7 allows remote
 attackers to write to arbitrary files via a crafted symlink and crafted
 filename.
Ubuntu-Description:
Notes:
 sbeattie> introduced in 2.15.5
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794365
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N [7.5 HIGH]

Patches_devscripts:
upstream_devscripts: released (2.15.8)
precise_devscripts: not-affected (pre-2.15.5)
trusty_devscripts: not-affected (pre-2.15.5)
trusty/esm_devscripts: not-affected (pre-2.15.5)
vivid_devscripts: not-affected (pre-2.15.5)
devel_devscripts: not-affected (2.15.8)