CVE-2009-1300

2009-04-1615:12:57

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.007

Percentile

81.0%

JSON

apt 0.7.20 does not check when the date command returns an “invalid date” error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

OSVersionArchitecturePackageVersionFilename
Debian12allapt< 0.7.21apt_0.7.21_all.deb
Debian11allapt< 0.7.21apt_0.7.21_all.deb
Debian999allapt< 0.7.21apt_0.7.21_all.deb
Debian13allapt< 0.7.21apt_0.7.21_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	apt	< 0.7.21	apt_0.7.21_all.deb
Debian	11	all	apt	< 0.7.21	apt_0.7.21_all.deb
Debian	999	all	apt	< 0.7.21	apt_0.7.21_all.deb
Debian	13	all	apt	< 0.7.21	apt_0.7.21_all.deb