CVE-2009-1300: Input Validation
First published: Thu Apr 16 2009(Updated: )
apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Debian Advanced Package Tool | =0.7.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523213
- https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/354793
- http://www.openwall.com/lists/oss-security/2009/04/08/11
- http://secunia.com/advisories/34832
- http://secunia.com/advisories/34829
- http://www.debian.org/security/2009/dsa-1779
- http://secunia.com/advisories/34874
- https://usn.ubuntu.com/762-1/
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/debian
- canonical/debian advanced package tool
- version/debian advanced package tool/0.7.20