CVE-2009-1300
published 2009-04-16CVE-2009-1300: apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which…
critical10CVSS 3.1
AVNACLAuNCCICAC
apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | advanced_package_tool | — | — |
| debian | apt | < apt 0.7.21 (bookworm) | apt 0.7.21 (bookworm) |
| debian | apt | >= 0 < 0.7.21 | 0.7.21 |
| debian | apt | >= 0 < 0.7.21 | 0.7.21 |
| debian | apt | >= 0 < 0.7.21 | 0.7.21 |
| debian | apt | >= 0 < 0.7.21 | 0.7.21 |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL