From 33cb8ac173733b716cbaec5ae0e7296cd75bca8d Mon Sep 17 00:00:00 2001
From: Michael Vogt <mvo@ubuntu.com>
Date: Wed, 17 Sep 2014 14:11:50 +0200
Subject: merge 0.9.7.9+deb7u3

---
 debian/changelog | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index e6599757f..15bf86030 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+apt (0.9.7.9+deb7u3) wheezy-security; urgency=high
+
+  * SECURITY UPDATE:
+    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
+    - incorect verification of 304 reply (CVE-2014-0487)
+    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
+    - incorrect apt-get download validation (CVE-2014-0490)
+
+ -- Michael Vogt <mvo@debian.org>  Mon, 15 Sep 2014 09:24:15 +0200
+
 apt (0.9.7.9+deb7u2) wheezy-security; urgency=high
 
   * SECURITY UPDATE: apt-get source validation (closes: #749795)
-- 
cgit v1.2.3