diff options
| -rw-r--r-- | CMakeLists.txt | 2 | ||||
| -rw-r--r-- | debian/changelog | 14 | ||||
| -rw-r--r-- | doc/apt-verbatim.ent | 2 | ||||
| -rw-r--r-- | doc/po/apt-doc.pot | 4 | ||||
| -rw-r--r-- | po/apt-all.pot | 4 |
5 files changed, 20 insertions, 6 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 83334baab..4117aebe4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -193,7 +193,7 @@ check_cxx_target(HAVE_FMV_SSE42_AND_CRC32DI "sse4.2" "__builtin_ia32_crc32di(0, # Configure some variables like package, version and architecture. set(PACKAGE ${PROJECT_NAME}) set(PACKAGE_MAIL "APT Development Team <deity@lists.debian.org>") -set(PACKAGE_VERSION "1.8.2.1") +set(PACKAGE_VERSION "1.8.2.2") if (NOT DEFINED DPKG_DATADIR) execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;" diff --git a/debian/changelog b/debian/changelog index ec4769b9b..44f80d187 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +apt (1.8.2.2) buster-security; urgency=high + + * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) + - apt-pkg/contrib/arfile.cc: add extra checks. + - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB + - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB + - test/*: add tests. + - CVE-2020-27350 + * Additional hardening: + - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB + * Fix autopkgtest regression in 1.8.2.1 security update + + -- Julian Andres Klode <jak@debian.org> Mon, 07 Dec 2020 12:31:04 +0100 + apt (1.8.2.1) buster-security; urgency=high * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) diff --git a/doc/apt-verbatim.ent b/doc/apt-verbatim.ent index 54c81b8f1..b8c33d072 100644 --- a/doc/apt-verbatim.ent +++ b/doc/apt-verbatim.ent @@ -268,7 +268,7 @@ "> <!-- this will be updated by 'prepare-release' --> -<!ENTITY apt-product-version "1.8.2.1"> +<!ENTITY apt-product-version "1.8.2.2"> <!-- (Code)names for various things used all over the place --> <!ENTITY debian-oldstable-codename "stretch"> diff --git a/doc/po/apt-doc.pot b/doc/po/apt-doc.pot index c0ec0859f..d143d0a6c 100644 --- a/doc/po/apt-doc.pot +++ b/doc/po/apt-doc.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt-doc 1.8.2.1\n" +"Project-Id-Version: apt-doc 1.8.2.2\n" "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" -"POT-Creation-Date: 2020-05-12 18:00+0000\n" +"POT-Creation-Date: 2020-12-02 17:16+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" diff --git a/po/apt-all.pot b/po/apt-all.pot index 8d005b831..373c4052c 100644 --- a/po/apt-all.pot +++ b/po/apt-all.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt 1.8.2.1\n" +"Project-Id-Version: apt 1.8.2.2\n" "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" -"POT-Creation-Date: 2020-05-12 18:00+0000\n" +"POT-Creation-Date: 2020-12-02 17:16+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" |