CVE-2009-1300
apt - several vulnerabilities
EPSS 1.0%
Description
apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.
How to fix CVE-2009-1300
To remediate CVE-2009-1300, upgrade the affected package to a fixed version below.
- Debian/apt—upgrade to 0.7.21 or later
- Debian/apt—upgrade to 0.6.46.4-0.1+etch1 or later
- Debian/apt—upgrade to 0.7.20.2+squeeze1 or later
Is CVE-2009-1300 being exploited?
Low — EPSS is 1.0%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 0.7.21
- from 0, < 0.6.46.4-0.1+etch1
- from 0, < 0.7.20.2+squeeze1