Back to apt PTS page

Accepted apt 1.8.2.1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted apt 1.8.2.1 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 15 May 2020 16:02:08 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1jZcmm-000I8I-9D@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2020 11:57:30 +0200
Source: apt
Architecture: source
Version: 1.8.2.1
Distribution: buster-security
Urgency: high
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Changes:
 apt (1.8.2.1) buster-security; urgency=high
 .
   * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
     - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
     - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
       member names in error path
     - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
       member names in error path
     - CVE-2020-3810
   * .gitlab.ci.yml: Point to debian:buster
Checksums-Sha1:
 d6dfde6c7b6349b3466110d40c060459918fd704 2774 apt_1.8.2.1.dsc
 b2bf1c870774ad0ca39879a7e93927f56babab53 2189236 apt_1.8.2.1.tar.xz
 71631adee9376d6f3b42485bdb70a1c1c4d88211 7240 apt_1.8.2.1_source.buildinfo
Checksums-Sha256:
 8e6af99e5eab948853dcffde8bf8b2cc9acdd53fcdadf3505a3c0234b69eabb1 2774 apt_1.8.2.1.dsc
 6d447f2e9437ec24e78350b63bb0592bee1f050811d51990b0c783183b0983f8 2189236 apt_1.8.2.1.tar.xz
 2a7bcfed8af9af3109fdb79fa5002c12939e1c236f413793f3b5dd7fcda7b6dc 7240 apt_1.8.2.1_source.buildinfo
Files:
 d023d2b5722e6dc1960c0c078c59268e 2774 admin important apt_1.8.2.1.dsc
 378ce76b2dbf6d6cf9c25eacd3a7a855 2189236 admin important apt_1.8.2.1.tar.xz
 e8dd51f28cfcaf9daf805374b9499e60 7240 admin important apt_1.8.2.1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAl67CloPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xLioP/AhTIOCT92NG4SSKjKZbVI8NG6kBf44byfsB
at7X/hj6HnC4LxhkHIvv/hSxx476Il6DyjLXe1szd9in+PqfoZo7m6PJTfpylBrn
7Aw3xcbrnf6pmL7tMJzx4raxr71Aghqd0BTEUfab7SX67BeXXyT61aICZ/00d3jP
6koChkF/B8EOgglIRqMgTvZNYfKIjC3AktuPg6wyiWLSWM+hN9vwD+iLaSfYtMSk
fnsV1HQyYYPinHKKKDujEdRkn651eJzvZrbrMsUaUJ+GmRnW5XjXhf0dRj6upECF
ugoJIiYKDoLaVhZbV/bTgm6aRntMr4GrOiiv4k1fRTOCjqhNMUxNolMcnm9WbDw+
vgTgHROV5JZT2ZERPF56rh3u10imTVXc+3147T6ADTcXJrj0fkbFWdRob247amnD
2hKBPUN9IW6IFvvuihxa0Rk9pmi6x4AdXuEUdg1UxTVqjQ27Fg1g041xMchPEVW9
DEEuzZC2iM7bE6IA+qskyJfSuHuqQ9wozpxA/1zSyYX3vZUtwwDUxzr8TA9qa8uo
TWJLbUphdnoA68yLCz/8GkO2z3a1+1e69j0WQ0NRKRWvPLaETDoLoR9P4T98KTrO
e1ce1RiV9n08pF9PKx6zQV9HNbMWSEuTfK8dKyrPZ1VkPHJyyChZRTyC4Q2OrHSK
AZL+iwrg
=ziQf
-----END PGP SIGNATURE-----