summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CMakeLists.txt2
-rw-r--r--debian/changelog14
-rw-r--r--doc/apt-verbatim.ent2
-rw-r--r--doc/po/apt-doc.pot4
-rw-r--r--po/apt-all.pot4
5 files changed, 20 insertions, 6 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 83334baab..4117aebe4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -193,7 +193,7 @@ check_cxx_target(HAVE_FMV_SSE42_AND_CRC32DI "sse4.2" "__builtin_ia32_crc32di(0,
# Configure some variables like package, version and architecture.
set(PACKAGE ${PROJECT_NAME})
set(PACKAGE_MAIL "APT Development Team <deity@lists.debian.org>")
-set(PACKAGE_VERSION "1.8.2.1")
+set(PACKAGE_VERSION "1.8.2.2")
if (NOT DEFINED DPKG_DATADIR)
execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;"
diff --git a/debian/changelog b/debian/changelog
index ec4769b9b..44f80d187 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+apt (1.8.2.2) buster-security; urgency=high
+
+ * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
+ - apt-pkg/contrib/arfile.cc: add extra checks.
+ - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
+ - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
+ - test/*: add tests.
+ - CVE-2020-27350
+ * Additional hardening:
+ - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
+ * Fix autopkgtest regression in 1.8.2.1 security update
+
+ -- Julian Andres Klode <jak@debian.org> Mon, 07 Dec 2020 12:31:04 +0100
+
apt (1.8.2.1) buster-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
diff --git a/doc/apt-verbatim.ent b/doc/apt-verbatim.ent
index 54c81b8f1..b8c33d072 100644
--- a/doc/apt-verbatim.ent
+++ b/doc/apt-verbatim.ent
@@ -268,7 +268,7 @@
">
<!-- this will be updated by 'prepare-release' -->
-<!ENTITY apt-product-version "1.8.2.1">
+<!ENTITY apt-product-version "1.8.2.2">
<!-- (Code)names for various things used all over the place -->
<!ENTITY debian-oldstable-codename "stretch">
diff --git a/doc/po/apt-doc.pot b/doc/po/apt-doc.pot
index c0ec0859f..d143d0a6c 100644
--- a/doc/po/apt-doc.pot
+++ b/doc/po/apt-doc.pot
@@ -5,9 +5,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: apt-doc 1.8.2.1\n"
+"Project-Id-Version: apt-doc 1.8.2.2\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
-"POT-Creation-Date: 2020-05-12 18:00+0000\n"
+"POT-Creation-Date: 2020-12-02 17:16+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
diff --git a/po/apt-all.pot b/po/apt-all.pot
index 8d005b831..373c4052c 100644
--- a/po/apt-all.pot
+++ b/po/apt-all.pot
@@ -5,9 +5,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: apt 1.8.2.1\n"
+"Project-Id-Version: apt 1.8.2.2\n"
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
-"POT-Creation-Date: 2020-05-12 18:00+0000\n"
+"POT-Creation-Date: 2020-12-02 17:16+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"