UbuntuUpdates.org

Package "aptdaemon-data"

Name: aptdaemon-data

Description:

data files for clients
Latest version: 1.1.1+bzr982-0ubuntu32.3
Release: focal (20.04)
Level: security
Repository: main
Head package: aptdaemon
Homepage: https://launchpad.net/aptdaemon

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "aptdaemon-data"

All arch deb package
APT INSTALL

Other versions of "aptdaemon-data" in Focal

Repository Area Version
base main 1.1.1+bzr982-0ubuntu32
updates main 1.1.1+bzr982-0ubuntu32.3
PPA: Mint Upstream 1.1.1+bzr982-0ubuntu39mint1
PPA: Mint Upstream 1.1.1+bzr982-0ubuntu44mint1

Changelog

Version: 1.1.1+bzr982-0ubuntu32.3 2020-12-08 18:06:37 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu32.3) focal-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349

 -- Marc Deslauriers <email address hidden> Wed, 02 Dec 2020 07:42:52 -0500
Source diff to previous version
CVE-2020-16128 RESERVED
CVE-2020-27349 RESERVED

Version: 1.1.1+bzr982-0ubuntu32.2 2020-09-24 14:06:24 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu32.2) focal-security; urgency=medium

  * SECURITY UPDATE: information disclosure via locale (LP: #1888235)
    - debian/patches/CVE-2020-15703.patch: reject locales with full paths
      in aptdaemon/core.py.
    - CVE-2020-15703

 -- Marc Deslauriers <email address hidden> Wed, 23 Sep 2020 07:20:14 -0400
1888235 Improper Input Validation vulnerability in Locale property of a transaction leading to Information Disclosure
CVE-2020-15703 RESERVED


About   -   Send Feedback to @ubuntu_updates