-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Aug 2025 17:13:52 +0200 Source: aide Architecture: source Version: 0.18.3-1+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: Aide Maintainers Changed-By: Hannes von Haugwitz Changes: aide (0.18.3-1+deb12u4) bookworm-security; urgency=high . * Apply upstream patch to escape control characters in report and log output (CVE-2025-54389) * also apply upstream patch to fix double free during report generation, which is required for the security patch * Apply upstream patch to fix null pointer dereference after reading incorrectly encoded xattr attributes from database (CVE-2025-54409) Checksums-Sha1: 5281d3ab28f0f3b93e1e87f0ba4bba9df9aeb13c 2437 aide_0.18.3-1+deb12u4.dsc 087cdd44789e7d9c9aa0fdfeffe2aed9d29b9926 382694 aide_0.18.3.orig.tar.gz 0b7891e1ff539a513308df58bb05955abf0643db 659 aide_0.18.3.orig.tar.gz.asc ed70bd7c39b024a540f2bdab2683bbbfa00ac85a 113672 aide_0.18.3-1+deb12u4.debian.tar.xz 346a36d6db83c5f8c1eefe27e6e62d02930dde7b 7427 aide_0.18.3-1+deb12u4_amd64.buildinfo Checksums-Sha256: d6b154709d6b99fa76721edb75704f1f78d32e8c92808ae845e4f8871c811cdd 2437 aide_0.18.3-1+deb12u4.dsc d47da12c4bf085bfdf1828e087a1db5195a4d217ff4c89f40dbd94e2a887a6a2 382694 aide_0.18.3.orig.tar.gz 701f24027a4ffeee6a643c61e74eab75ef6a99316e5c0889c833395b6cca54a2 659 aide_0.18.3.orig.tar.gz.asc 365f5cadf7463f15f7325caeb8dfce4d7a94fbe326761873e79708097e3168ec 113672 aide_0.18.3-1+deb12u4.debian.tar.xz 7a71c4434f955c9885d85b11ebec9a8b62462b13133fd88901dc5bce334e0b9b 7427 aide_0.18.3-1+deb12u4_amd64.buildinfo Files: d954e01e03859abe8699db7ec3b28d83 2437 admin optional aide_0.18.3-1+deb12u4.dsc 69e744c02fff14007c5c56ca4bb5a6db 382694 admin optional aide_0.18.3.orig.tar.gz 954db54f657543c5fea877f782a2bcf9 659 admin optional aide_0.18.3.orig.tar.gz.asc b23250e7c0283179d79708156cf5a4cf 113672 admin optional aide_0.18.3-1+deb12u4.debian.tar.xz f0e056674d14555fbd009b7fc5baabfe 7427 admin optional aide_0.18.3-1+deb12u4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAmiaCysACgkQGO6GOGAi 71fZwAv9GjchvPjqX4LVQy6JdDzhwLhcvm1BYPnjQb6Omi3kbVhF5ojW5+m7erEE wLL0ndyzYYWre+Z0kVrlppKkmY8hWnjJqj16Hbpf8i/USKQYZkG+UWIM5lNQX7la HXJR4J9804+tB/parWjlQqc+iBiIUi4R4h0t/4KCvmTsGxcq+PRzf7a0RP4mIZwO DC0se7Bqgpgw1kRgzK4+YnpOKROQmQcEUR9DlCEjZZ5X7dAUoK6S3Pp/xxcFRWng ZOOfLrJ2GdvSKnoxT9WsOm25XwHHX1GDVPxfMI3XJgbDUsLdZzoFujT6YOFKDbjK l6tKoc/zoj2MTKtqqlUcQY0mPN0at8boyxDTOVjuII2D0QEgJNc9lvDydXr7C+ir 0COvudOROgMSHNOZGrfJVe8zPSA9qKsjbDu22nycsH0ecwMNldElrtR5Do+8EiHB N/9qE3BN8x9qQv3QLFo8x56G8GkUJBBG7iR3XgW73jweWiGIdVhDNR6V1CSuNESp +CzBt699 =Zhgh -----END PGP SIGNATURE-----