ELA-228-1 apt security update

out-of-bounds read

Related CVEs CVE-2020-3810

Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files.

For Debian 7 Wheezy, these problems have been fixed in version

We recommend that you upgrade your apt packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.