Debian Security Advisory
DLA-58-2 apt -- LTS security update
- Date Reported:
- 23 Sep 2014
- Affected Packages:
- apt
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-6273.
- More information:
-
This update fixes a regression introduced in 0.8.10.3+squeeze5 where apt would send invalid HTTP requests when sending If-Range queries.
For reference, the original advisory text follows.
The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the
http
apt method binary, or potentially to arbitrary code execution.The following regression fixes were included in this update:
- Fix regression from the previous update in DLA-53-1 when the custom apt configuration option for Dir::state::lists is set to a relative path (#762160).
- Fix regression in the reverificaiton handling of cdrom: sources that may lead to incorrect hashsum warnings. Affected users need to run "apt-cdrom add" again after the update was applied.
- Fix regression from the previous update in DLA-53-1 when file:/// sources are used and those are on a different partition than the apt state directory.
For Debian 6
Squeeze
, these issues have been fixed in apt version 0.8.10.3+squeeze6