HCoop Git - ntk/apt.git/commit

HCoop / ntk / apt.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 13fe505) | patch

author	Michael Vogt <mvo@ubuntu.com>
	Tue, 16 Sep 2014 18:23:43 +0000 (20:23 +0200)
committer	Michael Vogt <mvo@ubuntu.com>
	Tue, 16 Sep 2014 18:39:13 +0000 (20:39 +0200)
commit	ca7fd76c2f30c100dcf1c12e717ce397cccd690b
tree	70a49859068972ec03c8c70d581135ee4e1a9c7f	tree \| snapshot (tar.gz zip)
parent	13fe505ceed4cee05667c05cf07896386310ebbc	commit \| diff

SECURITY UPDATE for CVE-2014-{0488,0487,0489}

incorrect invalidating of unauthenticated data (CVE-2014-0488)
incorect verification of 304 reply (CVE-2014-0487)
incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)

apt-pkg/acquire-item.cc		diff \| blob \| blame \| history
apt-pkg/acquire-item.h		diff \| blob \| blame \| history
apt-pkg/contrib/fileutl.h		diff \| blob \| blame \| history
methods/copy.cc		diff \| blob \| blame \| history
test/integration/test-apt-update-stale	[new file with mode: 0755]	blob
test/integration/test-apt-update-unauth	[new file with mode: 0755]	blob
test/integration/test-hashsum-verification		diff \| blob \| blame \| history

ntk's bugfix for apt