-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Aug 2025 17:13:52 +0200 Source: aide Binary: aide-common aide-dynamic Architecture: all Version: 0.18.3-1+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Hannes von Haugwitz Description: aide-common - Advanced Intrusion Detection Environment - Common files aide-dynamic - Advanced Intrusion Detection Environment - transitional package Changes: aide (0.18.3-1+deb12u4) bookworm-security; urgency=high . * Apply upstream patch to escape control characters in report and log output (CVE-2025-54389) * also apply upstream patch to fix double free during report generation, which is required for the security patch * Apply upstream patch to fix null pointer dereference after reading incorrectly encoded xattr attributes from database (CVE-2025-54409) Checksums-Sha1: 1b12fa3755a0d1a3a3838c32e6d98380a7c1cbb7 107776 aide-common_0.18.3-1+deb12u4_all.deb 3881f493b96254e17e0625f3542ca6bda5f1ebfb 33332 aide-dynamic_0.18.3-1+deb12u4_all.deb 69eda5e8e7d5a80475a0779ed514a8d59c74d046 7055 aide_0.18.3-1+deb12u4_all-buildd.buildinfo Checksums-Sha256: d2af0a646166aca8dc4d1ecae339b637d0c059cc41c97695ca27379007bdd59f 107776 aide-common_0.18.3-1+deb12u4_all.deb 71fc07c77ece2e5f4adc3e37540133eb680dbe745ea2346cd8115d4faba2c983 33332 aide-dynamic_0.18.3-1+deb12u4_all.deb b0cdffc456f62ddc8fd081462aee47b143322913db24e0d3293c4b957fcb8c6e 7055 aide_0.18.3-1+deb12u4_all-buildd.buildinfo Files: bf06c08b7f34ec7f4efe88552a45eea5 107776 admin optional aide-common_0.18.3-1+deb12u4_all.deb 896afb7ab42d2daada343f577efa4246 33332 oldlibs optional aide-dynamic_0.18.3-1+deb12u4_all.deb 84e1c9b267e6c6ad7da32d49fc729ffc 7055 admin optional aide_0.18.3-1+deb12u4_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEj4Fym5GgeZdPqKhrJm69HxMTN+oFAmiaVjgACgkQJm69HxMT N+qsJg/+NBwwIQV+8zLPn8iqh9EMf8gBbBsHq2MaYDHJfz3wMiXnV58iYBLNuAap RwYv1fYCT8guVdwQ/fbrHyooEaD3yFnP4UQXAi5oj8CFpmvMrKnYuHx5L+o8M1bf 7CO8Ndj0TB5dHK5aUr1EPlhk79iQgjibFA5PKOMgzDnklR6KEhuQsOtM7PBu3Vps G/gcwPZRLzmVEZEUg1E6mL+qvZg5PCGJ7A6iwVkVUZCDZ+VF5hRpT8MbtdcrUmml 6z3JTfDCp6YnAc0X6cf6rBC4eXbyZD57W+/5oW8d2rLisPD2+ACA1wHrOiMa2XhP ZyG8zwsqZlEHJCi6zqaAI3KsW67WnlymfxHb5tt8d2aHB+gxYDIGzvHYpAneeCgx tzX60mL+AWn3h81DNjvk8UJWHLXwZ1DgNYWigTaE3tA8iweDEYCD+rspwn89NWrX eETjmne/qjoigXq6L/EJAoTNYz3rRGbQFe43JY6xL3V28wuXcYMx/k9C17KIgpem FbYSfu8XEB2rRheIyk0/c2p1n2NZdBX0Vg0W77yNPdp77yki5pN0oPfJSbS0zh3/ KaqNGCWucSmfeeykF0ELii3uUtlEEb32F1GPmEojRcDK1vc+z/7dEa6v4eg7gLXd gBg7aYC79HjwbrDNa1EQ+RmZKKQ7HTsxt3K9Baxo7UhJFaapico= =KIlj -----END PGP SIGNATURE-----