Public bug reported:
Please sync aide 0.19.2-3 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: bypass AIDE detection of malicious files
- d/p/CVE-2025-54389.patch: fix output neutralization.
- CVE-2025-54389
* SECURITY UPDATE: Denial of service
- d/p/CVE-2025-54409.patch: fix null pointer dereference and segfault
- CVE-2025-54409
Both vulnerabilities were fixed in debian in version 0.19.2-1.
Changelog entries since current resolute version 0.19.1-2ubuntu1:
aide (0.19.2-3) unstable; urgency=medium
* complete implementation of build-cache
* improve rules:
* 10_aide_dateformats
* 10_aide_days
* 10_aide_hardware
* 11_aide_dateformats_cury
* 31_aide_apt-cacher-ng
* 31_aide_bind9
* 31_aide_cups
* 31_aide_dehydrated
* 31_aide_dev
* 31_aide_icinga2
* 31_aide_man
* 31_aide_postgresql
* 31_aide_samba
* 31_aide_sudo
* 31_aide_systemd
* 31_aide_torrus
* 31_aide_udev
* new rules:
* 31_aide_grub-pc
* 31_aide_ksmtuned
* 31_aide_radvd
* 31_aide_run_systemd_dynamic-uid
* 31_aide_xfsprogs
-- Marc Haber <[email protected]> Tue, 14 Oct 2025
06:52:06 +0200
aide (0.19.2-2) unstable; urgency=medium
* new rules:
* 31_aide_cryptsetup
* 31_aide_postgresql
* 31_aide_systemd_tmpfiles
* 31_aide_valkey
* update rules
* 10_aide_bits
* 10_aide_dateformats
* 11_aide_dateformats_cury
* 31_aide_apt-cacher-ng
* 31_aide_console-setup
* 31_aide_dehydrated
* 31_aide_dokuwiki
* 31_aide_fwupd
* 31_aide_gnupg
* 31_aide_lighttpd
* 31_aide_mariadb
* 31_aide_run_systemd_netif
* 31_aide_schroot
* 31_aide_ssh-server
* 31_aide_systemd_sessions
* 31_aide_udev
* 31_aide_dehydrated
* 31_aide_samba
* 31_aide_spamassassin
* 31_aide_postgresql.
Thanks to Anton Shestakov
* remove obsolete 31_aide_postgresql-15
-- Marc Haber <[email protected]> Fri, 05 Sep 2025
08:00:24 +0200
aide (0.19.2-1) unstable; urgency=medium
* New Upstream version 0.19.2
* This fixes CVE-2025-54389 and CVE-2025-54409.
* improve 31_aide_con-apt
* move most Build-Dependencies to -Arch
* override indep build targets to not invoke upstream build
* make aide-dynamic an Arch: all package
* reformat some files in debian/
-- Marc Haber <[email protected]> Thu, 14 Aug 2025
18:19:18 +0200
** Affects: aide (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: aide (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2132385
Title:
Sync aide 0.19.2-3 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aide/+bug/2132385/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
