Package: debconf
Version: 1.5.77
Severity: important

debconf-set-selections(1) does various funny things if a filename contains
characters that are not usually used in filenames:

# echo > '>t0'
# ls -l
total 4
-rw-rw-r-- 1 root root 1 Jul 17 14:47 '>t0'
# debconf-set-selections '>t0'
# ls -l
total 4
-rw-rw-r-- 1 root root 1 Jul 17 14:47 '>t0'
-rw-rw-r-- 1 root root 0 Jul 17 14:48  t0
# echo > 't1 '
# debconf-set-selections 't1 '
Can't open t1 : No such file or directory at /usr/bin/debconf-set-selections line 114.
# echo > '|echo wibble'
# debconf-set-selections '|echo wibble'
wibble
#

These arise from its use of the <> Perl operator, which is not suitable
for the implementation of a read-from-list-of-files kind of command.
Because the range of misbehaviour includes writing to arbitrary files
and running arbitrary commands, this is a more severe bug than normal.

-zefram
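
Added example, not part of the original report and not debconf's code: a read-from-list-of-files loop built on three-argument open, run against the three file names from the transcript above. The helper name read_literal and the temporary directory are assumptions made for the illustration.

```perl
#!/usr/bin/perl
# Added example (not debconf code): read files by name without letting
# the name itself choose the open mode.
use strict;
use warnings;
use File::Temp qw(tempdir);

# Three-argument open takes $name as a literal path. A leading '>' or '|',
# a trailing '|' and leading or trailing whitespace get no special meaning,
# unlike the two-argument open that <> performs on each @ARGV entry.
sub read_literal {
    my ($name) = @_;
    open(my $fh, '<', $name) or die "Can't open $name: $!\n";
    my @lines = <$fh>;
    close($fh);
    return @lines;
}

# Constructed scratch directory holding the file names from the report.
my $dir = tempdir(CLEANUP => 1);
chdir $dir or die "chdir $dir: $!\n";
my @names = ('>t0', 't1 ', '|echo wibble');
for my $name (@names) {
    open(my $out, '>', $name) or die "create $name: $!\n";
    print {$out} "\n";
    close($out);
}

for my $name (@names) {
    my @lines = read_literal($name);
    printf "read %d line(s) from [%s]\n", scalar @lines, $name;
}

# No file was created and no command ran: still exactly three entries.
opendir(my $dh, '.') or die "opendir: $!\n";
my @entries = sort grep { $_ ne '.' && $_ ne '..' } readdir $dh;
closedir $dh;
printf "%d entries: %s\n", scalar @entries, join(', ', map { "[$_]" } @entries);
die "unexpected side effect\n" unless @entries == 3;

chdir '/' or die "chdir /: $!\n";   # leave the scratch dir before cleanup

# On Perl 5.22 and later, `while (my $line = <<>>) { ... }` opens each
# @ARGV entry with three-argument open and is equally literal.
```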
