-
- Downloads
Import Debian version 1.8.2.2
apt (1.8.2.2) buster-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
* Fix autopkgtest regression in 1.8.2.1 security update
Showing
- CMakeLists.txt 1 addition, 1 deletionCMakeLists.txt
- apt-inst/contrib/arfile.cc 13 additions, 1 deletionapt-inst/contrib/arfile.cc
- apt-inst/contrib/extracttar.cc 20 additions, 1 deletionapt-inst/contrib/extracttar.cc
- apt-inst/deb/debfile.cc 15 additions, 0 deletionsapt-inst/deb/debfile.cc
- debian/changelog 14 additions, 0 deletionsdebian/changelog
- doc/apt-verbatim.ent 1 addition, 1 deletiondoc/apt-verbatim.ent
- doc/po/apt-doc.pot 2 additions, 2 deletionsdoc/po/apt-doc.pot
- po/apt-all.pot 2 additions, 2 deletionspo/apt-all.pot
- test/integration/test-cve-2020-27350 25 additions, 0 deletionstest/integration/test-cve-2020-27350
- test/integration/test-github-111-invalid-armember 4 additions, 4 deletionstest/integration/test-github-111-invalid-armember
- test/interactive-helper/CMakeLists.txt 2 additions, 0 deletionstest/interactive-helper/CMakeLists.txt
- test/interactive-helper/createdeb-cve-2020-27350.cc 325 additions, 0 deletionstest/interactive-helper/createdeb-cve-2020-27350.cc
Loading
Please register or sign in to comment