-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Aug 2025 17:13:52 +0200 Source: aide Binary: aide aide-dbgsym Architecture: armhf Version: 0.18.3-1+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-03) Changed-By: Hannes von Haugwitz Description: aide - Advanced Intrusion Detection Environment - dynamic binary Changes: aide (0.18.3-1+deb12u4) bookworm-security; urgency=high . * Apply upstream patch to escape control characters in report and log output (CVE-2025-54389) * also apply upstream patch to fix double free during report generation, which is required for the security patch * Apply upstream patch to fix null pointer dereference after reading incorrectly encoded xattr attributes from database (CVE-2025-54409) Checksums-Sha1: eb95c93c576afa1da3b8b1a6998f0b37cea5115b 191156 aide-dbgsym_0.18.3-1+deb12u4_armhf.deb d588a0b320c3fbd15bccb7251cda5e2351eeb345 6867 aide_0.18.3-1+deb12u4_armhf-buildd.buildinfo 867284afedf43bdede81dae3e9f09676fe2c2a8f 122776 aide_0.18.3-1+deb12u4_armhf.deb Checksums-Sha256: 04970ff3620cc88ddc411afeda67f8e98af0c36abff91317e835af38ecedbda0 191156 aide-dbgsym_0.18.3-1+deb12u4_armhf.deb c4a127e3d19602c02a503553bbc1ec10b1cf8aec0753b85ab17e3f1ff76554be 6867 aide_0.18.3-1+deb12u4_armhf-buildd.buildinfo 634348c0d67481bfcf6c51866e5f5ad92a8299753735156a221d30d79166853f 122776 aide_0.18.3-1+deb12u4_armhf.deb Files: 90a23b21832a95fbae9440b816147d8e 191156 debug optional aide-dbgsym_0.18.3-1+deb12u4_armhf.deb c2889f16626c12c2b09030f0512d0e31 6867 admin optional aide_0.18.3-1+deb12u4_armhf-buildd.buildinfo 65de185f97aaffe0f8536ea2f71ca218 122776 admin optional aide_0.18.3-1+deb12u4_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENsdrABvTD8MQ0UffVza3l394K2AFAmiaVloACgkQVza3l394 K2Dzew//RVXRfthCYk54pJOlt6TcfU5/TCWnO/yW2kf+kJa7qGwXFHJgf3UUljf8 56tvZ8X9+F1YMoc5deAFZs1QyiTsa/HE4rWonncP9YkgiYk/FD5pSdZU0PHfEpnA DrjuC3N0UxWXp6M58SIeWd7C7jH//D5rOXmmOtaV4+VZMbaEUbt8JKe7V62y3MuF 9yc+cZzP1h/6ON8c+YQOE5UxyWqswZ/905BektJP7GwiYaEg458ioVXJ/FvLPAvO a+F2m95ybcDLZdc2wcG/DAGP3GZftfM48aFomsS7b4gUb69BR2jpv9Fga7hSk1nA i1bgf7qIgnu4ObT5vj/qQL3gpPkwUjBLDQEnio8I1Nq92bBEZAhme3B7GxkplSWH 1YsNfC196tcIN9uv4F5L+kB+GN+FOyFZouaP/2eTxgSrj7V80hCGDF0ch8r0gycu o3JUVHYb0hc+fDm9o2k1M5VwUotc+hn1VI7Xzwo1am5jq/Lewk6tXMk8JrUkgvr/ Z7tfKZJ8+1iq7CHV78SJLdhk86VAZ/DfLS/AEy30/9ih5xZb42zPiIdOkpd+Ge3v JWAuOqL91YECStarR1+B8q14dRr4x+UrLGB4ipYkw3pXPvsLW9e2r57SpENqwowY kBoIVd6yRNF/ZQnpq0HcfX89S/vtqUVLdSndqWYX0a3zQcZ/wcA= =4B9k -----END PGP SIGNATURE-----