-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Aug 2025 17:13:52 +0200 Source: aide Binary: aide aide-dbgsym Architecture: arm64 Version: 0.18.3-1+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-conova-03) Changed-By: Hannes von Haugwitz Description: aide - Advanced Intrusion Detection Environment - dynamic binary Changes: aide (0.18.3-1+deb12u4) bookworm-security; urgency=high . * Apply upstream patch to escape control characters in report and log output (CVE-2025-54389) * also apply upstream patch to fix double free during report generation, which is required for the security patch * Apply upstream patch to fix null pointer dereference after reading incorrectly encoded xattr attributes from database (CVE-2025-54409) Checksums-Sha1: 6684a9091bf1c8f53b77c117142a4f3b4b83969b 191940 aide-dbgsym_0.18.3-1+deb12u4_arm64.deb d59fdfaf15f82e2e3e169d42870779aca2cd8aeb 7023 aide_0.18.3-1+deb12u4_arm64-buildd.buildinfo 852da17075af9ea458a9c4a4f678d3fc7a92dffa 124044 aide_0.18.3-1+deb12u4_arm64.deb Checksums-Sha256: 58e4440d42a5d944c77056c2dde9b14cec65ac6d10f214443d011fcb35442967 191940 aide-dbgsym_0.18.3-1+deb12u4_arm64.deb 5462efc44be05c0deca2c0f4ef67f0162fd6517ed6665395063f31566f608dfe 7023 aide_0.18.3-1+deb12u4_arm64-buildd.buildinfo 1ec3dc1f21d8ec41a38255398b3e9eacd5acc53cf05a3f9663c6bd0d744f261c 124044 aide_0.18.3-1+deb12u4_arm64.deb Files: 35f92a1d2a959454ebfe0cf7c41fe358 191940 debug optional aide-dbgsym_0.18.3-1+deb12u4_arm64.deb 5baa36b7d90a23271431f230a33b6eee 7023 admin optional aide_0.18.3-1+deb12u4_arm64-buildd.buildinfo 87fe7ad6c2536c83e40129dc650d3a8b 124044 admin optional aide_0.18.3-1+deb12u4_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAmiaVgMACgkQlST9Us03 ywtBfA//dLlIglZ64O3t1a1vFhS30ILV6EcqflgfOGTWAMt9g5Av9/q+n/1Vurnq gBGeDs3fwRxS8llxEszvJ5q0Yy9D3zvYLDWh+0Q5bKelkt97MjXm/zbV+ScFymoo uvE3/Uoj7xb8w9A0a1DYGREtu0zbfLYocjmtWFnobmGcmQTYLKXtWnA+qffQemNK lTM7fqnZuADWHqvGLnbKUI95mpXpTrjmjc6JdQs2MwBeFeEegZNF0YfHtE6/s5Hb 2n8rToSqnab3XXlyYhQqzb/1FYvgSE78xqfgd0HijFJOIKrVnVnXzjuvyFULdBLe SVDYA07G1TwRFtOOI3DDm5D2Cf4nYhsyf9wO8dnQjzE0aB2klLOkY+CdBPLaakSB hSjOuIUo83OTTfEb8M4QtAnLsBgBDBodUPRKbr4PLpbs8kO4nv4C9QC4ibNOaguA ZHQ6v1D34es45ZH8UG2goQUnc9TOcq8G71Hon9DFjiR1g4frnvSEKLPvR3fel6jl KA9wK6kH/kSKwrF164kmKGdfKThpd3mXGgAuluFkV+J8PdpqmzSun3v0zB+F0lrz Y/YG9gSoSytzM1nE1jVxu9Zvajk/k7AX9lVseZWwcNC2st1Lw2SmMZEmXLRld0K3 mClXRwHWb852Zv2gWK/JfUu/QesdyzZNJFPm7SqS75y9BtwnoQw= =Y73E -----END PGP SIGNATURE-----