From ca7fd76c2f30c100dcf1c12e717ce397cccd690b Mon Sep 17 00:00:00 2001
From: Michael Vogt <mvo@ubuntu.com>
Date: Tue, 16 Sep 2014 20:23:43 +0200
Subject: SECURITY UPDATE for CVE-2014-{0488,0487,0489}

incorrect invalidating of unauthenticated data (CVE-2014-0488)
incorect verification of 304 reply (CVE-2014-0487)
incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
---
 apt-pkg/acquire-item.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'apt-pkg/acquire-item.h')

diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index 06537bf2c..384c5ee2b 100644
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -706,6 +706,14 @@ class pkgAcqIndex : public pkgAcquire::Item
     */
    std::string CompressionExtension;
 
+   /** \brief Get the full pathname of the final file for the given URI
+    */
+   std::string GetFinalFilename(std::string const &URI,
+                                std::string const &compExt);
+
+   /** \brief Schedule file for verification after a IMS hit */
+   void ReverifyAfterIMS(std::string const &FileName);
+
    public:
    
    // Specialized action members
-- 
cgit v1.2.3