9 matches found
Fedora 32 : apt (2020-f03cfe3df5)
New upstream release with CVE fixed https://security-tracker.debian.org/tracker/CVE-2020-3810 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
USN-4359-1: APT vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system...
CVE-2020-3810
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files...
CVE-2020-3810
CVE-2020-3810 : Missing input validation in the ar/tar implementations of apt could cause a denial of service when processing specially crafted deb files. Affected: apt before 2.1.2. Remediation: upgrade to apt 2.1.2 or newer (per Debian/ Fedora advisories referencing the fix).
[SECURITY] [DLA 2210-1] apt security update
Package : apt Version : 1.0.9.8.6 CVE ID : CVE-2020-3810 When normalizing ar member names by removing trailing whitespace and slashes, an out-out-bound read can be caused if the ar member name consists only of such characters, because the code did not stop at 0, but would wrap around and continue...
[SECURITY] [DSA 4685-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4685-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4685-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4685-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2020 https://www.debian.org/security/faq -...
Debian DSA-4685-1 : apt - security update
Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
UBUNTU-CVE-2020-3810
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files...