The bug is in debVersioningSystem::CmpFragment(), where value of pointers
A and B grow beyond AEnd and BEnd, respectively. This trivial patch fixes
the problem:
--- apt-0.5.5.1.orig/apt-pkg/deb/debversion.cc
+++ apt-0.5.5.1/apt-pkg/deb/debversion.cc
@@ -65,8 +65,8 @@
{
int first_diff = 0;
- while ((lhs != AEnd && !isdigit(*lhs)) ||
- (rhs != BEnd && !isdigit(*rhs)) )
+ while (lhs != AEnd && rhs != BEnd &&
+ (!isdigit(*lhs) || !isdigit(*rhs)))
{
int vc = order(*lhs);
int rc = order(*rhs);
bye,
Egmont
