[ubuntu/groovy-security] aptdaemon 1.1.1+bzr982-0ubuntu34.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Dec 8 15:51:42 UTC 2020
aptdaemon (1.1.1+bzr982-0ubuntu34.1) groovy-security; urgency=medium
* SECURITY UPDATE: info disclosure via transaction properties
(LP: #1899513)
- debian/patches/CVE-2020-16128.patch: drop privileges when doing file
checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
aptdaemon/utils.py.
- CVE-2020-16128
* SECURITY UPDATE: policykit checks are too late (LP: #1899193)
- debian/patches/CVE-2020-27349.patch: check PolicyKit before
simulating local install in aptdaemon/core.py.
- CVE-2020-27349
Date: 2020-12-02 14:12:15.038850+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu34.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Groovy-changes
mailing list