[ubuntu/oracular-updates] apt 2.9.8ubuntu0.1 (Accepted)
Timo Aaltonen
tjaalton at ubuntu.com
Mon Apr 28 08:47:21 UTC 2025
apt (2.9.8ubuntu0.1) oracular; urgency=medium
* Fix buffer overflow, stack overflow, exponential complexity in
apt-ftparchive Contents generation (LP: #2083697)
- ftparchive: Mystrdup: Add safety check and bump buffer size
- ftparchive: contents: Avoid exponential complexity and overflows
- test framework: Improve valgrind support
- test: Check that apt-ftparchive handles deep paths
* Workaround valgrind "invalid read" in ExtractTar::Go by moving large
buffer from stack to heap. The large buffer triggered some bugs in
valgrind stack clash protection handling.
* debian/gbp.conf: Point at oracular branch
Date: 2024-10-23 14:54:08.428212+00:00
Changed-By: Julian Andres Klode <julian.klode at canonical.com>
Signed-By: Timo Aaltonen <tjaalton at ubuntu.com>
https://launchpad.net/ubuntu/+source/apt/2.9.8ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list