Package "apt-doc"

Name:	apt-doc
Description:	documentation for APT
Latest version:	1.2.32ubuntu0.2
Release:	xenial (16.04)
Level:	security
Repository:	main
Head package:	apt

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "apt-doc"

All arch deb package

APT INSTALL

Other versions of "apt-doc" in Xenial

Repository	Area	Version
base	main	1.2.10ubuntu1
updates	main	1.2.35

Changelog

Version: 1.2.32ubuntu0.2 2020-12-09 17:06:18 UTC

Version: 1.2.32ubuntu0.2	2020-12-09 17:06:18 UTC
apt (1.2.32ubuntu0.2) xenial-security; urgency=high * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) - apt-pkg/contrib/arfile.cc: add extra checks. - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB - test/: add tests. - CVE-2020-27350 Additional hardening: - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB -- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:24:07 +0100
Source diff to previous version

apt (1.2.32ubuntu0.2) xenial-security; urgency=high * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193) - apt-pkg/contrib/arfile.cc: add extra checks. - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB - test/*: add tests. - CVE-2020-27350 * Additional hardening: - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB -- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:24:07 +0100

Source diff to previous version

Version: 1.2.32ubuntu0.1 2020-05-14 03:06:19 UTC

apt (1.2.32ubuntu0.1) xenial-security; urgency=high * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177) - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated member names in error path - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated member names in error path - CVE-2020-3810 * Add .gitlab-ci.yml for CI testing on Salsa -- Julian Andres Klode <email address hidden> Tue, 12 May 2020 20:42:53 +0200

Source diff to previous version

1878177	CVE-2020-3810 out-of-bound stack reads in arfile
CVE-2020-3810	apt out-of-bounds read in .ar implemation

Version: 1.2.29ubuntu0.1 2019-01-22 13:06:58 UTC

apt (1.2.29ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: content injection in http method (CVE-2019-3462) (LP: #1812353) -- Julian Andres Klode <email address hidden> Fri, 18 Jan 2019 11:54:00 +0100

Source diff to previous version

1812353	content injection in http method (CVE-2019-3462)
CVE-2019-3462	Content injection in APT http medhod when using redirects

Version: 1.2.15ubuntu0.2 2016-12-13 19:07:01 UTC

apt (1.2.15ubuntu0.2) xenial-security; urgency=high * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252) Thanks to Jann Horn, Google Project Zero for reporting the issue (LP: #1647467) * gpgv: Flush the files before checking for errors -- Julian Andres Klode <email address hidden> Thu, 08 Dec 2016 15:28:08 +0100

1647467

InRelease file splitter treats getline() errors as EOF

About - Send Feedback to @ubuntu_updates

Package "apt-doc"

Links

Download "apt-doc"

Other versions of "apt-doc" in Xenial

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates