Bug#695832: apt: CVE-2012-0961

To: Moritz Muehlenhoff <jmm@inutil.org>, 695832@bugs.debian.org
Subject: Bug#695832: apt: CVE-2012-0961
From: Michael Vogt <mvo@debian.org>
Date: Thu, 13 Dec 2012 11:33:42 +0100
Message-id: <[🔎] 20121213103342.GA10007@bod>
Reply-to: Michael Vogt <mvo@debian.org>, 695832@bugs.debian.org
In-reply-to: <[🔎] 20121213074942.25033.89000.reportbug@m25s06.vlinux.de>
References: <[🔎] 20121213074942.25033.89000.reportbug@m25s06.vlinux.de>

On Thu, Dec 13, 2012 at 08:49:42AM +0100, Moritz Muehlenhoff wrote:
> Package: apt
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> This was assigned CVE-2012-0961:
> https://bugs.launchpad.net/ubuntu/+source/apt/+bug/975199
> 
> Stable is not affected, the logging as done as 0600 there.

Thanks for your bugreport. I uploaded a fix to unstable as
0.9.7.7 and send a unblock request as bug #695841.

Cheers,
 Michael
 
> Cheers,
>         Moritz
> 
> 
> -- 
> To UNSUBSCRIBE, email to deity-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20121213074942.25033.89000.reportbug@m25s06.vlinux.de">http://lists.debian.org/[🔎] 20121213074942.25033.89000.reportbug@m25s06.vlinux.de
>

Reply to:

References:
- Bug#695832: apt: CVE-2012-0961
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: apt_0.9.7.7_amd64.changes ACCEPTED into unstable
Next by Date: Bug#695832: marked as done (apt: CVE-2012-0961)
Previous by thread: Bug#695832: apt: CVE-2012-0961
Next by thread: Bug#695832: marked as done (apt: CVE-2012-0961)
Index(es):
- Date
- Thread