Comment 10 for bug 512096

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dpkg - 1.15.5.6ubuntu2

---------------
dpkg (1.15.5.6ubuntu2) lucid; urgency=high

  * Backport from upstream:
    - Use FIEMAP when available (on Linux based systems) to sort the .list
      files loading order. With a cold cache it improves by up to 70%.
      Thanks to Morten Hustveit <email address hidden>. LP: #442114
    - Call fsync(2) after writing files on disk, to get the atomicity
      guarantees when doing rename(2). Based on a patch by Jean-Baptiste
      Lallement <email address hidden>.
      Closes: #430958, LP: #512096
  * Security fixes by Raphaël Hertzog, also backported from upstream
    (CVE-2010-0396):
    - Modify dpkg-source to error out when it would apply patches containing
      insecure paths (with "/../") and also error out when it would apply a
      patch through a symlink. Those checks are required as patch will
      happily modify files outside of the target directory and unpacking a
      source package should not be able to have any side-effect outside of
      the target directory. LP: #532445
    - Also error out when the quilt series contains a path with "/../" as
      this can cause patch to create files outside of the source package due
      to the -B .pc/$path option that it gets.
 -- Colin Watson <email address hidden> Thu, 11 Mar 2010 00:34:28 +0000
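
The two checks described in the security fixes above (refusing patch targets that contain "/../" and refusing targets reached through a symlink), sketched as an added Python example. This is not dpkg-source's own code; the function names, the `strip` parameter and the sample diff are assumptions made for illustration.

```python
import os
import tempfile

def patch_targets(diff_text):
    """Yield file names from the '--- ' / '+++ ' headers of a unified diff."""
    for line in diff_text.splitlines():
        # Simplified: a removed line starting with "-- " also matches (fails closed).
        if line.startswith(("--- ", "+++ ")):
            name = line[4:].split("\t", 1)[0].strip()
            if name != "/dev/null":
                yield name

def crosses_symlink(root, rel):
    """True if any existing component of root/rel is a symbolic link."""
    cur = root
    for part in rel.split("/"):
        if part in ("", "."):
            continue
        cur = os.path.join(cur, part)
        if os.path.islink(cur):
            return True
    return False

def check_patch(diff_text, root, strip=1):
    """Return (name, reason) for every target that must be refused."""
    refused = []
    for name in patch_targets(diff_text):
        # Padding with "/" also catches a leading or trailing ".." component,
        # which is broader than the literal "/../" the changelog mentions.
        if "/../" in "/" + name + "/":
            refused.append((name, "insecure path"))
            continue
        rel = "/".join(name.split("/")[strip:])  # same effect as patch -p<strip>
        if crosses_symlink(root, rel):
            refused.append((name, "through symlink"))
    return refused

SAMPLE_DIFF = "\n".join([  # constructed sample: clean, traversal, via symlink
    "--- a/src/main.c", "+++ b/src/main.c", "@@ -1 +1 @@", "-old", "+new",
    "--- a/docs/../../outside.txt", "+++ b/docs/../../outside.txt",
    "@@ -0,0 +1 @@", "+x",
    "--- a/link/target.conf", "+++ b/link/target.conf", "@@ -1 +1 @@", "-a", "+b",
])

def demo():
    """Build a throwaway source tree containing a symlink and check the sample."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "src"))
        os.symlink(tempfile.gettempdir(), os.path.join(root, "link"))
        return check_patch(SAMPLE_DIFF, root)
```

The check has to run before `patch` is invoked on the tree, and a non-empty result means the whole unpack is aborted rather than the offending hunk skipped.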