CVE-2019-15795

NameCVE-2019-15795
Descriptionpython-apt only checks the MD5 sums of downloaded files in `Version.fe ...
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-2074-1, DSA-4609-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
python-apt (PTS)buster, buster (security)1.8.4.3fixed
bullseye2.2.1fixed
bookworm, sid2.3.0fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
python-aptsourcejessie0.9.3.13DLA-2074-1
python-aptsourcestretch1.4.1DSA-4609-1
python-aptsourcebuster1.8.4.1DSA-4609-1
python-aptsource(unstable)1.8.5

Notes

https://salsa.debian.org/apt-team/python-apt/commit/e175130e51c2b0424f3dfeb825e3dc598fec1a24 (1.8.5)

Search for package or bug name: Reporting problems