Information on source package apt

Available versions

ReleaseVersion
bullseye2.2.4
bookworm2.6.1
trixie2.9.17
sid2.9.18

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2011-3374vulnerablevulnerablevulnerablevulnerableIt was found that apt-key in apt, all versions, do not correctly valid ...

Resolved issues

BugDescription
CVE-2020-27350APT had several integer overflows and underflows while parsing .deb pa ...
CVE-2020-3810Missing input validation in the ar/tar implementations of APT before v ...
CVE-2019-3462Incorrect sanitation of the 302 redirect field in HTTP transport metho ...
CVE-2018-0501The mirror:// method implementation in Advanced Package Tool (APT) 1.6 ...
CVE-2016-1252The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ...
CVE-2014-7206The changelog command in Apt before 1.0.9.2 allows local users to writ ...
CVE-2014-6273Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and ...
CVE-2014-0490The apt-get download command in APT before 1.0.9 does not properly val ...
CVE-2014-0489APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, doe ...
CVE-2014-0488APT before 1.0.9 does not "invalidate repository data" when moving fro ...
CVE-2014-0487APT before 1.0.9 does not verify downloaded files if they have been mo ...
CVE-2014-0478APT before 1.0.4 does not properly validate source packages, which all ...
CVE-2013-1051apt 0.8.16, 0.9.7, and possibly other versions does not properly handl ...
CVE-2012-3587APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ...
CVE-2012-0961Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ub ...
CVE-2012-0954APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ...
CVE-2012-0214The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Ad ...
CVE-2011-3634methods/https.cc in apt before 0.8.11 accepts connections when the cer ...
CVE-2011-1829APT before 0.8.15.2 does not properly validate inline GPG signatures, ...
CVE-2009-1358apt-get in apt before 0.7.21 does not check for the correct error code ...
CVE-2009-1300apt 0.7.20 does not check when the date command returns an "invalid da ...

Security announcements

DSA / DLADescription
DLA-2487-1apt - security update
DSA-4808-1apt - security update
DLA-2210-1apt - security update
DSA-4685-1apt - security update
DSA-4371-1apt - security update
DLA-1637-1apt - security update
DSA-3733-1apt - security update
DSA-3048-1apt - security update
DSA-3031-1apt - security update
DLA-58-1apt - security update
DSA-3025-1apt - security update
DLA-53-1apt - security update
DSA-2958-1apt - security update
DLA-0005-1apt - security update
DSA-1779-1apt - several vulnerabilities

Search for package or bug name: Reporting problems