Package "apt-transport-https"
Name: |
apt-transport-https
|
Description: |
transitional package for https support
|
Latest version: |
1.6.17 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
apt |
Links
Download "apt-transport-https"
Other versions of "apt-transport-https" in Bionic
Changelog
apt (1.6.17) bionic; urgency=medium
* Bump cache minor version for kernel collection.
The previous update introduced the new kernel autoremoval code which
collects kernels in the cache as providers of a $kernel package.
We need to bump the cache minor version for this as otherwise the
$kernel package might not exist and all kernels end up autoremovable
until a package got installed or sources updated.
|
Source diff to previous version |
apt (1.6.14) bionic; urgency=medium
* RunScripts: Do not reset SIGQUIT and SIGINT to SIG_DFL (LP: #1898026)
* Fix downloads of unsized files that are largest in pipeline (LP: #1921626),
and warn about packages without size (option Acquire::AllowUnsizedPackages)
* JSON hooks 0.2 and assorted JSON bugfixes (LP: #1926150)
- encoder fixes:
+ json: Escape strings using \u escape sequences, add test
+ json: Actually pop states
+ json: Encode NULL strings as null
- json: Flush standard file descriptors before calling hooks
(this avoids output from hooks in middle of apt output)
- Minor fixes to include and C++ namespaces
- non-code changes:
+ test/json: Make the test hook more reliable
+ Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
- semantic changes (new fields, hooks, and protocol 0.2):
+ json: Add origins fields to version
+ upgrade: Add JSON hook support (AptCli::Hooks::Upgrade)
+ json: Add `package-list` and `statistics` install hooks
+ json: Hook protocol 0.2 (added upgrade,downgrade,reinstall modes)
+ Fix a typo in json-hooks-protocol.md (thanks to Brian Murray)
* Avoid infinite loop on EOF on media change prompt (LP: #1928687)
-- Julian Andres Klode <email address hidden> Tue, 15 Jun 2021 16:12:38 +0200
|
Source diff to previous version |
1921626 |
size mismatch error if request of unknown size is larger than others |
1926150 |
[SRU] Backport JSON hooks 0.2 |
1928687 |
Avoid infinite loop on EOF on media change prompt |
|
apt (1.6.13) bionic; urgency=medium
[ David Kalnischkies ]
* Fix incorrect base64 encoding due to int promotion (LP: #1916050)
* Harden test for no new acquires after transaction abort (Closes: #984966)
(LP: #1918920)
[ Julian Andres Klode ]
* Implement update --error-on=any (Closes: #594813) (LP: #1693900)
* Include all translations when building the cache (LP: #1907850)
* Add basic support for the Protected field
* Do not require force-loopbreak on Important packages
(Closes: #983014) (LP: #1916725)
* Protect currently running kernel at run-time (LP: #1615381)
* Make ADDARG{,C}() macros expand to single statements
* Improve immediate configuration handling (LP: #1871268)
- Do not immediately configure m-a: same packages in lockstep
- Ignore failures from immediate configuration. This does not change the
actual installation ordering - we never passed the return code to the
caller and installation went underway anyway if it could be ordered at a
later stage, this just removes spurious after-the-fact errors.
(Closes: #973305, #188161, #211075, #649588)
* Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
(LP: #1918907)
[ Balint Reczey ]
* Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
(LP: #1806076)
-- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 14:09:15 +0100
|
Source diff to previous version |
1916050 |
Invalid base64 for high-bit characters |
1918920 |
Harden test for no new acquires after transaction abort |
1693900 |
apt-get update should return exit code != 0 on error |
1907850 |
Cache not generated for all translations |
1916725 |
Protected/Important packages are not deconfigured, require Force-LoopBreak |
1615381 |
apt-get autoremove may remove current kernel |
1871268 |
Installation fails due to useless immediate configuration error when \ |
1918907 |
Default Acquire::AllowReleaseInfoChange::Suite to \ |
1806076 |
unattended-upgrade --help raises UnicodeEncodeError when stdout encoding is ascii |
984966 |
apt: flaky armhf autopkgtest: File has unexpected size (27 != 39). Mirror sync in progress? |
594813 |
apt: ListUpdate does return True in the case of network errors |
983014 |
manpages-de: Fails to upgrade from 4.2.0-1 to 4.9.1-5: This installation run will require temporarily removing the essential package manpages-de:amd6 |
973305 |
apt-get throws error when run with --simulate and APT::Immediate-Configure set to "false" |
931566 |
Don't complain about suite changes (Acquire::AllowReleaseInfoChange::Suite should be "true") |
|
apt (1.6.12ubuntu0.2) bionic-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
-- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:13:36 +0100
|
Source diff to previous version |
apt (1.6.12ubuntu0.1) bionic-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
-- Julian Andres Klode <email address hidden> Tue, 12 May 2020 20:03:44 +0200
|
1878177 |
CVE-2020-3810 out-of-bound stack reads in arfile |
CVE-2020-3810 |
apt out-of-bounds read in .ar implemation |
|
About
-
Send Feedback to @ubuntu_updates