From ed94a024e14e0fdbd9ea6cabd07063da441bcc02 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Mon, 20 Aug 2018 09:49:00 +0200
Subject: Release 1.6.3ubuntu0.1

---
 debian/changelog | 10 ++++++++++
 debian/control   |  3 ++-
 2 files changed, 12 insertions(+), 1 deletion(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 8dd68cdaa..1c700e21e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+apt (1.6.3ubuntu0.1) bionic-security; urgency=medium
+
+  [ David Kalnischkies ]
+  * SECURITY UPDATE: Fallback in the mirror method allowed a later server to
+    supply any InRelease file without it having to be verified. (LP: #1787752)
+    - apt-pkg/acquire-item.cc:: clear alternative URIs for mirror:// between steps
+    - CVE-2018-0501
+
+ -- Julian Andres Klode <juliank@ubuntu.com>  Mon, 20 Aug 2018 09:48:01 +0200
+
 apt (1.6.3) unstable; urgency=medium
 
   * Handle JSON hooks that just close the file/exit and fix some other errors
diff --git a/debian/control b/debian/control
index 333150ff8..9b94059e4 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,8 @@
 Source: apt
 Section: admin
 Priority: important
-Maintainer: APT Development Team <deity@lists.debian.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: APT Development Team <deity@lists.debian.org>
 Uploaders: Michael Vogt <mvo@debian.org>,
            Julian Andres Klode <jak@debian.org>,
            David Kalnischkies <donkult@debian.org>
-- 
cgit v1.2.3