Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted apt 1.4.11 (source) into oldstable
Date: Wed, 09 Dec 2020 16:40:11 +0000
Signed by: Julian Andres Klode <jak@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 07 Dec 2020 13:45:23 +0100
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.4.11
Distribution: stretch-security
Urgency: high
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 apt        - commandline package manager
 apt-doc    - documentation for APT
 apt-transport-https - https download transport for APT
 apt-utils  - package management related utility programs
 libapt-inst2.0 - deb package format runtime library
 libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - documentation for APT development
 libapt-pkg5.0 - package management runtime library
Changes:
 apt (1.4.11) stretch-security; urgency=high
 .
   * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
     - apt-pkg/contrib/arfile.cc: add extra checks.
     - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
     - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
     - test/*: add tests.
     - CVE-2020-27350
   * Additional hardening:
     - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
   +  * Fix autopkgtest regression in 1.8.2.1 security update
Checksums-Sha1:
 5badbebd0b3d8af071ac32dfac63b7f0181996c1 2553 apt_1.4.11.dsc
 759b5f096db38c02bf416c562db9f28348708ab3 2083192 apt_1.4.11.tar.xz
 f845f0bf62cda250ca2e016ed70aa1d24c2c6544 7623 apt_1.4.11_source.buildinfo
Checksums-Sha256:
 019679d78fbfc08b4bebd7ace4ff6d8ec3e519096eab7bf2bd50ec6a0de9ea7d 2553 apt_1.4.11.dsc
 4d37de2dbe19385adc56a2f2e323d2fdcbc64d0d282a13f561288505a6e17363 2083192 apt_1.4.11.tar.xz
 03221dcecb71e265180830ea71883926cbad4cc02c86f3fa79004ca176946bb0 7623 apt_1.4.11_source.buildinfo
Files:
 920006ad29e94eac318e314384644219 2553 admin important apt_1.4.11.dsc
 ff806300bb35c18da273c60eec765cb4 2083192 admin important apt_1.4.11.tar.xz
 5fea51b9b787eb535a37d3f896f8deb9 7623 admin important apt_1.4.11_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAl/OKxUPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xghcP/RbvUgj1EpZ0cBlFNEV1IDf/vPsST9nLIIOT
P9z9r4MzoEak3vDPoqA+C3GUWVc4ukSHkAA71GNaMOnM2jYXQHSiER/61WPcdOcG
nYFFCCujzN+2eo2SSRI6cZtuuDRuIhvlrsMC0/egSJKt0YgPGHwgRjV6A0GF7h9/
ala+fWUVh48gSj95PNEzZrd/qDYzrar4q7SvQFIk31VSocEsuepekD4kcX4J6uTz
FiwtEWOk/vfgW2qJbrIJ8v0L2Z6ZZmnbI5IE8OzSGyULxuHminsLBMxYVQ7/wa0x
BtoHvUjLeNa0IfyXBjt9oDoy5N/eQAF7ku8QFba38TwG29SfWYAV93AE7eS+v6a9
vG0ibjCNAY0i5/Al8zCfWUMJw2HIckpuUbgYyfFjpR2FjOKu6Ty18Mwcsa6CxbID
fiW2UZXxECWjs5XYNR9S65DuBzoXiIvi25zmtqoNy2rr5JbuuQ/pviw7io/IyNz8
h6smbrpmYFG5wrXwcdHeagmnHVi8q/vYUsY9puKTrQj4XnuixYboQ1qNzudH3XMx
lTQEb4wYa4wB2b/tqt+2LVmT8oJG9ZAYv9PPWLE8KYAh80vlE6Rc8aNFyXDDV0m5
77SqQOSCYgGd/WrloGbXgr7TcKevYtA3+N1SSV7CBoZoMdIGAklVXSWQHt9EMP7m
T3kF8hAm
=Zlvi
-----END PGP SIGNATURE-----
News for package apt
