[ubuntu/jammy-updates] apt 2.4.14 (Accepted)
Andreas Hasenack
andreas.hasenack at canonical.com
Wed May 28 18:51:07 UTC 2025
apt (2.4.14) jammy; urgency=medium
* Fix buffer overflow, stack overflow, exponential complexity in
apt-ftparchive Contents generation (LP: #2083697)
- ftparchive: Mystrdup: Add safety check and bump buffer size
- ftparchive: contents: Avoid exponential complexity and overflows
- test framework: Improve valgrind support
- test: Check that apt-ftparchive handles deep paths
- increase valgrind cleanliness to make the tests pass
- pkgcachegen: Use placement new to construct header
- Workaround valgrind "invalid read" in ExtractTar::Go by moving large
buffer from stack to heap. The large buffer triggered some bugs in
valgrind stack clash protection handling.
Date: 2024-10-23 15:44:08.227556+00:00
Changed-By: Julian Andres Klode <julian.klode at canonical.com>
Signed-By: Andreas Hasenack <andreas.hasenack at canonical.com>
https://launchpad.net/ubuntu/+source/apt/2.4.14
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list