ELA-228-1 apt security update

out-of-bounds read

2020-05-14
Packageapt
Version0.9.7.9+deb7u9
Related CVE CVE-2020-3810

Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files.

For Debian 7 Wheezy, these problems have been fixed in version 0.9.7.9+deb7u9.

We recommend that you upgrade your apt packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/