UbuntuUpdates.org

Package "aptdaemon"

Name: aptdaemon

Description:

transaction based package management service

Latest version: 1.1.1+bzr982-0ubuntu14.5
Release: xenial (16.04)
Level: security
Repository: main
Homepage: https://launchpad.net/aptdaemon

Links


Download "aptdaemon"


Other versions of "aptdaemon" in Xenial

Repository Area Version
base main 1.1.1+bzr982-0ubuntu14
base universe 1.1.1+bzr982-0ubuntu14
security universe 1.1.1+bzr982-0ubuntu14.5
updates universe 1.1.1+bzr982-0ubuntu14.5
updates main 1.1.1+bzr982-0ubuntu14.5
PPA: Kubuntu-ppa Backports 1.1.1+bzr982-0ubuntu16~ubuntu16.04~ppa1
PPA: Mint Upstream 1.1.1+bzr982-0ubuntu39mint1
PPA: Mint Upstream 1.1.1+bzr982-0ubuntu44mint1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.1.1+bzr982-0ubuntu14.5 2020-12-08 18:06:24 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu14.5) xenial-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349

 -- Marc Deslauriers <email address hidden> Wed, 02 Dec 2020 07:44:28 -0500

Source diff to previous version
CVE-2020-16128 RESERVED
CVE-2020-27349 RESERVED

Version: 1.1.1+bzr982-0ubuntu14.4 2020-09-24 14:06:17 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu14.4) xenial-security; urgency=medium

  * SECURITY UPDATE: information disclosure via locale (LP: #1888235)
    - debian/patches/CVE-2020-15703.patch: reject locales with full paths
      in aptdaemon/core.py.
    - CVE-2020-15703

 -- Marc Deslauriers <email address hidden> Wed, 23 Sep 2020 07:28:34 -0400

Source diff to previous version
1888235 Improper Input Validation vulnerability in Locale property of a transaction leading to Information Disclosure
CVE-2020-15703 RESERVED

Version: 1.1.1+bzr982-0ubuntu14.2 2020-01-22 20:07:05 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu14.2) xenial-security; urgency=medium

  * Fix compatibility with python-apt security update (LP: #1858973)

 -- Marc Deslauriers <email address hidden> Wed, 15 Jan 2020 14:37:59 -0500




About   -   Send Feedback to @ubuntu_updates