From 55971004215609a02ca19c59bd058da20729ba11 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 14 Mar 2013 14:26:43 +0100 Subject: * SECURITY UPDATE: InRelease verification bypass - CVE-2013-1051 * apt-pkg/deb/debmetaindex.cc, test/integration/test-bug-595691-empty-and-broken-archive-files, test/integration/test-releasefile-verification: - disable InRelease downloading until the verification issue is fixed, thanks to Ansgar Burchardt for finding the flaw --- debian/changelog | 14 ++++++++++++++ debian/control | 4 ++-- 2 files changed, 16 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 891c4f9da..9ed9b4d61 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +apt (0.9.7.8) unstable; urgency=criticial + + * SECURITY UPDATE: InRelease verification bypass + - CVE-2013-1051 + + [ David Kalnischk ] + * apt-pkg/deb/debmetaindex.cc, + test/integration/test-bug-595691-empty-and-broken-archive-files, + test/integration/test-releasefile-verification: + - disable InRelease downloading until the verification issue is + fixed, thanks to Ansgar Burchardt for finding the flaw + + -- Michael Vogt Thu, 14 Mar 2013 07:47:36 +0100 + apt (0.9.7.7) unstable; urgency=low [ Program translation updates ] diff --git a/debian/control b/debian/control index 762d2818e..50b3599fc 100644 --- a/debian/control +++ b/debian/control @@ -12,8 +12,8 @@ Build-Depends: dpkg-dev (>= 1.15.8), debhelper (>= 8.1.3~), libdb-dev, po4a (>= 0.34-2), autotools-dev, autoconf, automake Build-Depends-Indep: doxygen, debiandoc-sgml Build-Conflicts: autoconf2.13, automake1.4 -Vcs-Bzr: http://bzr.debian.org/apt/debian-sid/ -Vcs-Browser: http://bzr.debian.org/loggerhead/apt/debian-sid/ +Vcs-Bzr: http://bzr.debian.org/apt/debian-wheezy/ +Vcs-Browser: http://bzr.debian.org/loggerhead/apt/debian-wheezy/ Package: apt Architecture: any -- cgit v1.2.3-70-g09d2