-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Aug 2025 17:13:52 +0200 Source: aide Binary: aide aide-dbgsym Architecture: i386 Version: 0.18.3-1+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Hannes von Haugwitz Description: aide - Advanced Intrusion Detection Environment - dynamic binary Changes: aide (0.18.3-1+deb12u4) bookworm-security; urgency=high . * Apply upstream patch to escape control characters in report and log output (CVE-2025-54389) * also apply upstream patch to fix double free during report generation, which is required for the security patch * Apply upstream patch to fix null pointer dereference after reading incorrectly encoded xattr attributes from database (CVE-2025-54409) Checksums-Sha1: b08cef27f6a5fbb9a1cf3b59697a2b05b543a112 167448 aide-dbgsym_0.18.3-1+deb12u4_i386.deb 6315cb120855f8e2df9777ffc4dae5cba3b15a22 6948 aide_0.18.3-1+deb12u4_i386-buildd.buildinfo 0d6beddb00bb39fe173631b5bca943f98a9d0520 139584 aide_0.18.3-1+deb12u4_i386.deb Checksums-Sha256: 0f93ae05ced7b332062dbd91aaf449ea199b2cabbe347547351c754becbb2f15 167448 aide-dbgsym_0.18.3-1+deb12u4_i386.deb 3bf4edd5c886ac48140716794b0b618d6b183327d7b69ea3ca68f27f22f2531d 6948 aide_0.18.3-1+deb12u4_i386-buildd.buildinfo 19f28cef8ebd8792590efc9877c271b9a23392bb5db238f395598a95c4b3d435 139584 aide_0.18.3-1+deb12u4_i386.deb Files: e92002160ce8ddca31ae12db8d89155a 167448 debug optional aide-dbgsym_0.18.3-1+deb12u4_i386.deb cce69426f333a4ef84629a680a17cc8c 6948 admin optional aide_0.18.3-1+deb12u4_i386-buildd.buildinfo c78ac75f4e0c987dd5e75a58f7fc92dd 139584 admin optional aide_0.18.3-1+deb12u4_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAmiaVgIACgkQiZlfn74W V6lWcxAAmRTkmJuB4vnNc/M59BzyyVrzCumT4FHgSm99LBGMR7pCgJTgvSsyC4Np 139yO25b3z+jw6NnZs/0lKLeKRz/d7zSHfJuNrUw7iSJMd0azNo0+SNsLAQVzw2E nL8kOpqhZ50kNmhPCb7+K6f/d/15ASeIrW9tj7srrC3gFSYWWWjoqt733KAYsTSh BM9j2KeQ3rgtmSE//0CrM6/TL+dUg8zJ/kIlghnnsDfDGPYqE3edJ4mgyUg98+yO +UPy3zzN5jh3pvAj5Yh/yAEyTxG6mDjiXDvSLeFg0MH/uX/ZK9Na4rzeDJjffAGK od3BpCe/UdBBfqIsR8iZCQ8X+R5FckKgk2sXS5vipCVHYJuTbrRd745giI2v9Fn1 LbeRsOFhL5PitDUCOyxIr5Gy8/yX0fn4GGkshzXtV2gmql9LU+nVw2F1qWuHV5KX cA8usyluwB1T/vDl06GCH3sRQLNOR1atwRnQ2GZYEQcI2LLCl0o7ms+gssvCkN9x APfOdKXP9Pjtx1p1Kt8Kk5zfKveXlNHlG+U+DL5JtI1/n/8oq+JyJgTvGE3c7pqv Dvw1Jp7028QYiQuvmkLUKwRz+6lMeK1vP7DWAK9AF2uZPNWUcr6FVMYmuX0WrD5z kHO5AZu9V2dStcRF+9WtaJWTRJWKvpc/BGT842Y6aYr2uKLP+fc= =z0v+ -----END PGP SIGNATURE-----