[SECURITY] [DLA 2488-1] python-apt security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2488-1] python-apt security update
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Thu, 10 Dec 2020 01:25:59 +0530
Message-id: <[🔎] CAPP0f95iUcacz6YO9PtP_Nwn1-Gxu3PCdV+qR4XEy-bCnLmz1A@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2488-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
December 10, 2020                           https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : python-apt
Version        : 1.4.2
CVE ID         : CVE-2020-27351

Various memory and file descriptor leaks were discovered in the Python
interface to the APT package management runtime library, which could
result in denial of service.

For Debian 9 stretch, this problem has been fixed in version
1.4.2.

We recommend that you upgrade your python-apt packages.

For the detailed security status of python-apt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-apt

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl/RK68ACgkQgj6WdgbD
S5YLQw//QUM3G6FC5UrDmnfYCeS9PX9QL62QLZepH952ESj2xGQYZTrh4zcK+9ot
3NMJQTQA6PyHxZuTMqBxLnq4vm0OCjJIK2NBbqXD3P9+OyJ+dWH69K3goWE3Kydp
6wxaubf10TzHDCwXvn+evRUA2iDCXW7xsRqM0PajaM3/t1JsLAz2L5IRH6Rw562W
32Zl3JST31Me3RsPjOxZFDfUcorMykxh7MQSCI2tVSLbLaIYSS+0WbQVLFknQnJw
+r4tEbwapYaNC55qbbMwkqTUjTN4r4sWVWvTQSMH4MK+TZ/MdpFLqfaZqoladvOA
eHSUzB3ke7X0ktW3SGAC++hdq+VUKUbgdN/g92xInAHYwjVregUNR4W5dVTLMWEO
irRHUkLEHg5fUNG/1hN9UOGXQ3eY2njPcQgEeDvE+B58qxjKpGxBNhXutJAZYCUb
UjuWcvTb+wNkJqOlS1l1kqe6zeTxEnX62QibUZV2b8wjOc/Jt1lVxiKzY9Ai2+O4
dnpq3ad527p6QGL473L6ptWhAFNeOrIrBioXiGjnuY+svka0ENqdjDWVLDRQ/wn5
+j7W8LFvkNRzwhf+Ul70hNzhWQM+dzV9cKclOfDE4G3uaddxJqzUfpZacAFxqnRf
i62Hf9F/f99zXUi0yFWqtSHYTGQ2fjIqwsWK7V8TRh5/N5fvzFs=
=CgHO
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2487-1] apt security update
Next by Date: [SECURITY] [DLA 2483-1] linux-4.19 security update
Previous by thread: [SECURITY] [DLA 2487-1] apt security update
Next by thread: [SECURITY] [DLA 2483-1] linux-4.19 security update
Index(es):
- Date
- Thread