Package : apt Version : 1.0.9.8.6 CVE ID : CVE-2020-3810 When normalizing ar member names by removing trailing whitespace and slashes, an out-out-bound read can be caused if the ar member name consists only of such characters, because the code did not stop at 0, but would wrap around and continue reading from the stack, without any limit. For Debian 8 "Jessie", this problem has been fixed in version 1.0.9.8.6. We recommend that you upgrade your apt packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Best, Utkarsh
Debian LTS: DLA-2210-1: apt security update
May 14, 2020
When normalizing ar member names by removing trailing whitespace and slashes, an out-out-bound read can be caused if the ar member name consists only of such characters, because th...
Summary
For Debian 8 "Jessie", this problem has been fixed in version
1.0.9.8.6.
We recommend that you upgrade your apt packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Best,
Utkarsh
Severity
Package : apt
Version : 1.0.9.8.6
CVE ID : CVE-2020-3810
News
HOWTOs
About Us
Powered By
