-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 09 Dec 2020 17:31:32 +0100 Source: python-apt Binary: python-apt python-apt-doc python-apt-dbg python-apt-dev python-apt-common python3-apt python3-apt-dbg Architecture: source Version: 1.4.2 Distribution: stretch-security Urgency: high Maintainer: APT Development Team <deity@lists.debian.org> Changed-By: Julian Andres Klode <jak@debian.org> Description: python-apt - Python interface to libapt-pkg python-apt-common - Python interface to libapt-pkg (locales) python-apt-dbg - Python interface to libapt-pkg (debug extension) python-apt-dev - Python interface to libapt-pkg (development files) python-apt-doc - Python interface to libapt-pkg (API documentation) python3-apt - Python 3 interface to libapt-pkg python3-apt-dbg - Python 3 interface to libapt-pkg (debug extension) Changes: python-apt (1.4.2) stretch-security; urgency=high . * SECURITY UPDATE: various memory and file descriptor leaks (LP: #1899193) - python/arfile.cc, python/generic.h, python/tag.cc, python/tarfile.cc: fix file descriptor and memory leaks - python/apt_instmodule.cc, python/apt_instmodule.h, python/arfile.h: Avoid reference cycle with control,data members in apt_inst.DebFile objects - tests/test_cve_2020_27351.py: Test cases for DebFile (others not easily testable) - CVE-2020-27351 * data/templates: Update mirror lists Checksums-Sha1: 20bb1406da1835c149261c4077e594a287b5df79 2427 python-apt_1.4.2.dsc c99f2e453cc7c744321ae4c9e0951e007038fe43 334396 python-apt_1.4.2.tar.xz 306dda353ba7a5c4a5caaba8dbcc611697cf1594 9792 python-apt_1.4.2_source.buildinfo Checksums-Sha256: bc54267f67559557547a5691d6e98c2088e8e4c7269eb74021eba4ff87c38d3b 2427 python-apt_1.4.2.dsc 8d2ae00d07d743197acf2b0225bfea66d6d260b33bfe24a0e22ef5071d453896 334396 python-apt_1.4.2.tar.xz b44bce1dd57e208d50192ef8c736dc95b084759a3a9b5eb99c2c2143bab6b5d6 9792 python-apt_1.4.2_source.buildinfo Files: df701e2073a7485c5872fdb0ba59cc79 2427 python optional python-apt_1.4.2.dsc f363161a23d5cbe4e36e7dccad42b85e 334396 python optional python-apt_1.4.2.tar.xz 0410102883ccd18ba4f27ddb5e3e084c 9792 python optional python-apt_1.4.2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAl/Q/J0PHGpha0BkZWJp YW4ub3JnAAoJEG+kWN0dsD9xIU0P/25Ywz1CmKgWZzyzvI9H3/YGQrARoiWYiy7P Nli3mBVkXytaH8D8LvqNs0pyAnKub8hvSdLIm4Q9NHC9YTEgmBxbu+rKTCzF3mri WYF50Mk2l2MpsB/hVmHcbrmBT5wH/9k2sRkdWmQZBBUt0J386uGJOEVQWlqJWAKI NcaBBLU0SAomCASWgWyVxVnSqK35aYPhRIOQL3MXDNQMVUkD6biZvW3GIvspDN3O /f/73JeodGdLKLKnJ1bfDmq9aqAoH0yAWc3R2TgQuX/6JBbfWdZrxOYRiM4ZIZDW rhkJbXOHG8YsPOlXbzyJYoEtpsQC9CpHLwBROEtssn5Qlzt1gwchcZYFVK+s739H LFWPxr5r57MMwCA54ch2lo+ONAhXV4zL9oGyX3NyqGsnO2VSWna927o/5TCV5r3Y 6XSTUK4p27O8Z+NLYwY3dD8h8wuwLUXz+KdZDDWAnuR3ld7fx6oiahnMbc20CUY+ CGi39u5+E2TTW/7SKZuBzhRxmZDCV4oYU2vp8bLVOWUYqpHqTvHfDjN+kpCrUHe0 KnyOkc1OhXHiHD44YffDoToOrsDgeLIkMAkQ5mxjrkSZrB5/kmMbVWxj90oanBcc 3r4vwNJN8+cPbKpXbo5f1z6hI2yipdBAWb75wpd0gAG5sZklCS23pYyTix2yjoQx YjsFhDnj =tgG4 -----END PGP SIGNATURE-----