Bug number - 763780

Part of package: apt.

Bug description:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
Debian Bug report logs -  #763780 apt-get: CVE-2014-7206: Insecure temporary changelog handling
Package:      apt; Maintainer for apt is APT Development Team <deity@lists.debian.org>; Source for apt is src:apt (PTS, buildd, popcon).
Reported by: Guillem Jover <guillem@debian.org>
Date: Thu,  2 Oct 2014 16:33:07 UTC
Severity: serious
Tags: patch, security
Found in version apt/0.8.11
Fixed in versions apt/1.0.9.2, 0.9.7.9+deb7u6, apt/1.1~exp4
Done: Michael Vogt <mvo@debian.org>
Bug is archived. No further changes may be made.

All x-patch and x-diff attachments.

Patch	Author	Date
0001-apt-get-Create-the-temporary-downloaded-changelog-in.patch	Guillem Jover <guillem@debian.org>	Thu, 2 Oct 2014 18:29:45 +0200

Original bug report here.