ELA-344-1 apt security update

multiple integer overflows and underflows

2021-01-11
Packageapt
Version1.0.9.8.7
Related CVEs CVE-2020-27350

It was discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could cause out-of-bounds reads or infinite loops, resulting in denial of service when processing malformed deb files.

For Debian 8 jessie, these problems have been fixed in version 1.0.9.8.7.

We recommend that you upgrade your apt packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/