Release 1.4.91.4.9

3 files changed, 9 insertions, 2 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7ad363676..f43149530 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -172,7 +172,7 @@ endif()
 # Configure some variables like package, version and architecture.
 set(PACKAGE ${PROJECT_NAME})
 set(PACKAGE_MAIL "APT Development Team <deity@lists.debian.org>")
-set(PACKAGE_VERSION "1.4.8")
+set(PACKAGE_VERSION "1.4.9")
 
 if (NOT DEFINED DPKG_DATADIR)
   execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;"
diff --git a/debian/changelog b/debian/changelog
index b43c8f1bd..cc9f1b722 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+apt (1.4.9) stretch-security; urgency=medium
+
+  * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
+    (LP: #1812353)
+
+ -- Julian Andres Klode <jak@debian.org>  Fri, 18 Jan 2019 11:42:07 +0100
+
 apt (1.4.8) stretch; urgency=medium
 
   [ Balint Reczey ]
diff --git a/doc/apt-verbatim.ent b/doc/apt-verbatim.ent
index 84b314c9c..20f2162bb 100644
--- a/doc/apt-verbatim.ent
+++ b/doc/apt-verbatim.ent
@@ -239,7 +239,7 @@
 ">
 
 <!-- this will be updated by 'prepare-release' -->
-<!ENTITY apt-product-version "1.4.8">
+<!ENTITY apt-product-version "1.4.9">
 
 <!-- (Code)names for various things used all over the place -->
 <!ENTITY debian-oldstable-codename "jessie">