[DSA 4609-1] python-apt security update

Two security issues were found in the Python interface to the apt package manager; package downloads from unsigned repositories were incorrectly rejected and the hash validation relied on MD5.

Package : python-apt
CVE ID : CVE-2019-15795 CVE-2019-15796
Debian Bug : 944696

Two security issues were found in the Python interface to the apt
package manager; package downloads from unsigned repositories were
incorrectly rejected and the hash validation relied on MD5.

For the oldstable distribution (stretch), these problems have been fixed
in version 1.4.1.

For the stable distribution (buster), these problems have been fixed in
version 1.8.4.1.

We recommend that you upgrade your python-apt packages.

For the detailed security status of python-apt please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-apt

Deja un comentario

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.