it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4809-1] python-apt security update

From: Salvatore Bonaccorso <carnil AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4809-1] python-apt security update
Date: Wed, 09 Dec 2020 16:45:02 +0000
List-archive: https://lists.debian.org/msgid-search/E1kn2aM-0006IB-Fg AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=wwIPBmC8v5ssTkKmKxKuuJsZ6IBSG1NPcwdABZHgekQ=; b=G3 p/MN1g3Vwe1eF3TaIoJUbtUm/CzXrUAZMn987qpUKKMEG4Frk49do5BqQ5dFXg8pJg5VKQ2ZYWknJ HuDqpbl0Z9BZBNYQZIu0b2qlPGCVBAhAQWy3Pquuy0NZFhHeuunVz+uMAa0ENfIYu/rVk9Y9PKAOX gbzeC5O9wFgzzev8HkAE3r2Xb/payjR9OZ4N8bulPSjl5CYmwF/FMETg7K60dXgu/YK0fRAB9xKJE E2C04hvbdy9dljVksuWmOTRZAfbuoZo6DBVndVbRkLz1pLOrQXw8PDq92qCVeKK2ySRnjSE2J+yUx w9Z7SESMYrZVJsa6Gc9JlLBaCWv21ytg==;
Old-return-path: <carnil AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 9 Dec 2020 16:45:23 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <s66Vhaap8VI.A.YfC.j8P0fB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4809-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 09, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : python-apt
CVE ID : CVE-2020-27351

Various memory and file descriptor leaks were discovered in the Python
interface to the APT package management runtime library, which could
result in denial of service.

For the stable distribution (buster), this problem has been fixed in
version 1.8.4.2.

We recommend that you upgrade your python-apt packages.

For the detailed security status of python-apt please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/python-apt

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl/Q/tpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sd5w/8Cm3AbzoppHExsMMPjE7inDwuxbgxVCnPP4trP5ktgnytv8OQtatioVW7
c25wD0x9+UsmrbeVPwaR4WrZwkln/ZFKt4FjjlK0VbxCPJ5pfFvuE8f0yx7uFRfG
kVRUoSU6dLJ5zwytA124N911CwRe4YbV6KKfEkd5wk/2q7s/O9YBOSB3qsxGrA38
0MJxuzhZ4/Iix1OcmiVOEusnbE9Xz5iGR1RAFmwGlPsi8LhjZabEaZDR4QMsg4+X
3x+NaZi3jmqfRNa/TmB/5IWLCMdW0CwGWwZ+tcEBelb/aiLdLdN34uupuOpLcjAI
JQEru605v4+eHIfeZxj+pxl/iuWEZHEA58D+utE9/zWBTv0AxgZ+0j2PiLHhzy/o
bLZy8WdcVopvRXSmn5N1N/Wse29jMLg2KATWZJ/Yg7gUsGegEY1swWTESItmmJIJ
O56NgqsysdicrV8GTBh/mBOXXzZ8dybMfHIvaNC9gS8xHtXYF/X2VCf8r26f/ew8
KzjWwK78vTnVCIDhup36RUyb/qw2n7kuX2W+0PZIfLotbvm/HeX7falQ0a8qKA6s
kd2k7Wg7dLf3C6ZtZmD31P3yBU8sJZjj2BTmTgKb8dVa2TTIh6nczys1NONB5qs8
brfJbNqLRaZZRkIS+OrhVfvx0e17KiXZhQoOGjYLigouGqhFjPc=
=TeSG
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4809-1] python-apt security update, Salvatore Bonaccorso, 09.12.2020

Archiv bereitgestellt durch MHonArc 2.6.19.