From 95e417cb069928dfdb5dfacb418f025d71f32c4d Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Mon, 7 Dec 2020 12:31:04 +0100 Subject: Release 1.8.2.2 --- CMakeLists.txt | 2 +- debian/changelog | 14 ++++++++++++++ doc/apt-verbatim.ent | 2 +- doc/po/apt-doc.pot | 4 ++-- po/apt-all.pot | 4 ++-- 5 files changed, 20 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 83334baab..4117aebe4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -193,7 +193,7 @@ check_cxx_target(HAVE_FMV_SSE42_AND_CRC32DI "sse4.2" "__builtin_ia32_crc32di(0, # Configure some variables like package, version and architecture. set(PACKAGE ${PROJECT_NAME}) set(PACKAGE_MAIL "APT Development Team ") -set(PACKAGE_VERSION "1.8.2.1") +set(PACKAGE_VERSION "1.8.2.2") if (NOT DEFINED DPKG_DATADIR) execute_process(COMMAND ${PERL_EXECUTABLE} -MDpkg -e "print $Dpkg::DATADIR;" diff --git a/debian/changelog b/debian/changelog index ec4769b9b..44f80d187 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +apt (1.8.2.2) buster-security; urgency=high + + * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) + - apt-pkg/contrib/arfile.cc: add extra checks. + - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB + - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB + - test/*: add tests. + - CVE-2020-27350 + * Additional hardening: + - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB + * Fix autopkgtest regression in 1.8.2.1 security update + + -- Julian Andres Klode Mon, 07 Dec 2020 12:31:04 +0100 + apt (1.8.2.1) buster-security; urgency=high * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) diff --git a/doc/apt-verbatim.ent b/doc/apt-verbatim.ent index 54c81b8f1..b8c33d072 100644 --- a/doc/apt-verbatim.ent +++ b/doc/apt-verbatim.ent @@ -268,7 +268,7 @@ "> - + diff --git a/doc/po/apt-doc.pot b/doc/po/apt-doc.pot index c0ec0859f..d143d0a6c 100644 --- a/doc/po/apt-doc.pot +++ b/doc/po/apt-doc.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt-doc 1.8.2.1\n" +"Project-Id-Version: apt-doc 1.8.2.2\n" "Report-Msgid-Bugs-To: APT Development Team \n" -"POT-Creation-Date: 2020-05-12 18:00+0000\n" +"POT-Creation-Date: 2020-12-02 17:16+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" diff --git a/po/apt-all.pot b/po/apt-all.pot index 8d005b831..373c4052c 100644 --- a/po/apt-all.pot +++ b/po/apt-all.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: apt 1.8.2.1\n" +"Project-Id-Version: apt 1.8.2.2\n" "Report-Msgid-Bugs-To: APT Development Team \n" -"POT-Creation-Date: 2020-05-12 18:00+0000\n" +"POT-Creation-Date: 2020-12-02 17:16+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" -- cgit v1.2.3