Bug#97924: This bug was improperly merged.
This bug should not have been merged wiht #98017, #165448, #166306,
#171248, #177604, or #177871; it is an unrelated problem. Those bugs are
caused by corrupted .bin files, but this problem is not fixed by the
deletion of those files.
This bug is most probably caused by line 29 of apt-pkg/sourcelist.cc,
where a static array of 10 elements is allocated; more package entries
than that causes a buffer overflow condition. This may have security
implications, and should probably be fixed ASAP.
I suggest the following be done immediately:
retitle 97924 sources.list is parsed into fixed-size array
severity 97924 grave
unmerge 97924
tags 97924 +security
thank you
Reply to: