Accepted apt 1.4.11 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 07 Dec 2020 13:45:23 +0100
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.4.11
Distribution: stretch-security
Urgency: high
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
apt - commandline package manager
apt-doc - documentation for APT
apt-transport-https - https download transport for APT
apt-utils - package management related utility programs
libapt-inst2.0 - deb package format runtime library
libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
libapt-pkg-doc - documentation for APT development
libapt-pkg5.0 - package management runtime library
Changes:
apt (1.4.11) stretch-security; urgency=high
.
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
+ * Fix autopkgtest regression in 1.8.2.1 security update
Checksums-Sha1:
5badbebd0b3d8af071ac32dfac63b7f0181996c1 2553 apt_1.4.11.dsc
759b5f096db38c02bf416c562db9f28348708ab3 2083192 apt_1.4.11.tar.xz
f845f0bf62cda250ca2e016ed70aa1d24c2c6544 7623 apt_1.4.11_source.buildinfo
Checksums-Sha256:
019679d78fbfc08b4bebd7ace4ff6d8ec3e519096eab7bf2bd50ec6a0de9ea7d 2553 apt_1.4.11.dsc
4d37de2dbe19385adc56a2f2e323d2fdcbc64d0d282a13f561288505a6e17363 2083192 apt_1.4.11.tar.xz
03221dcecb71e265180830ea71883926cbad4cc02c86f3fa79004ca176946bb0 7623 apt_1.4.11_source.buildinfo
Files:
920006ad29e94eac318e314384644219 2553 admin important apt_1.4.11.dsc
ff806300bb35c18da273c60eec765cb4 2083192 admin important apt_1.4.11.tar.xz
5fea51b9b787eb535a37d3f896f8deb9 7623 admin important apt_1.4.11_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAl/OKxUPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xghcP/RbvUgj1EpZ0cBlFNEV1IDf/vPsST9nLIIOT
P9z9r4MzoEak3vDPoqA+C3GUWVc4ukSHkAA71GNaMOnM2jYXQHSiER/61WPcdOcG
nYFFCCujzN+2eo2SSRI6cZtuuDRuIhvlrsMC0/egSJKt0YgPGHwgRjV6A0GF7h9/
ala+fWUVh48gSj95PNEzZrd/qDYzrar4q7SvQFIk31VSocEsuepekD4kcX4J6uTz
FiwtEWOk/vfgW2qJbrIJ8v0L2Z6ZZmnbI5IE8OzSGyULxuHminsLBMxYVQ7/wa0x
BtoHvUjLeNa0IfyXBjt9oDoy5N/eQAF7ku8QFba38TwG29SfWYAV93AE7eS+v6a9
vG0ibjCNAY0i5/Al8zCfWUMJw2HIckpuUbgYyfFjpR2FjOKu6Ty18Mwcsa6CxbID
fiW2UZXxECWjs5XYNR9S65DuBzoXiIvi25zmtqoNy2rr5JbuuQ/pviw7io/IyNz8
h6smbrpmYFG5wrXwcdHeagmnHVi8q/vYUsY9puKTrQj4XnuixYboQ1qNzudH3XMx
lTQEb4wYa4wB2b/tqt+2LVmT8oJG9ZAYv9PPWLE8KYAh80vlE6Rc8aNFyXDDV0m5
77SqQOSCYgGd/WrloGbXgr7TcKevYtA3+N1SSV7CBoZoMdIGAklVXSWQHt9EMP7m
T3kF8hAm
=Zlvi
-----END PGP SIGNATURE-----
Reply to: