Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted apt 1.4.10 (source) into oldstable->embargoed, oldstable
Date: Thu, 14 May 2020 04:04:01 +0000
Signed by: Julian Andres Klode <jak@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2020 21:46:37 +0200
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.4.10
Distribution: stretch-security
Urgency: high
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 apt        - commandline package manager
 apt-doc    - documentation for APT
 apt-transport-https - https download transport for APT
 apt-utils  - package management related utility programs
 libapt-inst2.0 - deb package format runtime library
 libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - documentation for APT development
 libapt-pkg5.0 - package management runtime library
Changes:
 apt (1.4.10) stretch-security; urgency=high
 .
   * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
     - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
     - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
       member names in error path
     - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
       member names in error path
     - CVE-2020-3810
   * Fix-up size in 1.4.9 security fix test case
   * Add .gitlab-ci.yml for CI testing on Salsa
Checksums-Sha1:
 45bbf486b8aef76d5bb8ee4dbe4e6cc4a15afa1d 2553 apt_1.4.10.dsc
 18ac7ab054ba335f63bcfd53ff78cb767863a4ae 2080560 apt_1.4.10.tar.xz
 efe6731c56b6ff257e2a53d7448d825c44f5aa42 7623 apt_1.4.10_source.buildinfo
Checksums-Sha256:
 4b05e85f29d5f9809e33b237612bffefc8afd9df30da18a6c34ac6ce58b60596 2553 apt_1.4.10.dsc
 eaa314e8ebc9e62fedf316d196d1a99d894fd715e6385ed18afd41cc2cd5b127 2080560 apt_1.4.10.tar.xz
 e3ecb74baec6fc625f199f9e1e567c63fb7c84660a0c284e035a3fba3ccc0a43 7623 apt_1.4.10_source.buildinfo
Files:
 1adc0b386ae0e79cb381a908194491b1 2553 admin important apt_1.4.10.dsc
 751dba169a465c67bcf9b2d5fca3f3ab 2080560 admin important apt_1.4.10.tar.xz
 0a6b1c7c8b9c0eac6518fc90235f0b64 7623 admin important apt_1.4.10_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAl67CusPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xXVcP/0ukvD3qxW/94B8CmJWW91bgw69mMe8qVW61
B3Dyrx5xKnbZWNPOWFiOnvfPYV5grNCW6mNzwvZd1VCV9v1PjsZPgUycIQ3XrhKb
vkuA43y+OZbV56xo69YRg1aP+nqQRMRfsFW10u9VxN9aSxxxBpxVxunqdrOnVzyN
1mcdyD9QoTpbuda7PfI/S7XDnhg0/G/lEX5WdSiGGIZSz22F02wHWBMN0KDL5CKY
3cgVk2qQIaXdXdTAyomzw/NSyS5yT1Z/6IfNkDe97HvLaHZTyRrCvrQOw2XAHbp7
3e7WbKhOikQoMbE13Qt7Ez9Kg4J1g4i74EtwRcQIpSYcNmwnrWaDqUYfbQInWLYV
MBBlQAyLGNOxg3DSLiGi3p56kVscof06UmbMQhBWb5Rti85wIfpCRRAQqrHOHGdv
gESAM/LtbK7hK82h9gqH5tvwWXdAPUyv4qxoq9kmkYoJta+7x9gJ3mwcoYqy2Rb6
WRl41OS+Q6NLwTctPiS4KXCgsPLm3s/7r/4duXgID7cWrWlct+GA9xmbZRIyTmdi
249+5ZEDNFf8ewYknMSCExPWTsee//+zlQIz9sLKoHZ84s4/2Gx64+RMjLsPiA7u
bXLvn5zHcFZpGqX7MuOvW+93SI8kgjCLadNi7Cpz67MXJtqFDVCQzVjeUHQ97APA
sgvqf2Q1
=mwLA
-----END PGP SIGNATURE-----
News for package apt
