Debian Linux Security Advisory 4685-1 - Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files.
d11a1baf9490082af927a3e0c3aa42218a73c54fe7796464fc703c7e99185b0f