[ubuntu/precise-security] apt 0.8.16~exp12ubuntu10.10 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu Mar 14 13:26:12 UTC 2013

apt (0.8.16~exp12ubuntu10.10) precise-security; urgency=low

  * SECURITY UPDATE: InRelease verification bypass
    - CVE-2013-1051

  [ David Kalnischk ]
  [ Michael Vogt ]
  * apt-pkg/deb/debmetaindex.cc,
    - disable InRelease downloading until the verification issue is
      fixed, thanks to Ansgar Burchardt for finding the flaw

apt (0.8.16~exp12ubuntu10.9) precise-proposed; urgency=low

  [ David Kalnischkies ]
  * apt-pkg/depcache.cc:
    - prefer to install packages which have an already installed M-A:same
      sibling while choosing providers (LP: #1130419)

  [ Steve Langasek ]
  * Invoke /etc/kernel/postinst.d/apt-auto-removal directly on upgrade for
    bug #923876, so that an 'apt-get autoremove' run before any new kernel
    packages have been installed gives the expected behavior.

apt (0.8.16~exp12ubuntu10.8) precise; urgency=low

  * Backport kernel auto-removal/retention policy from raring (LP: #923876)
    - debian/apt.auto-removal.sh, debian/rules, debian/apt.dirs: Add new
      script to /etc/kernel/postinst.d/ that ensures we always retain the
      currently-running, being-installed, and newest-installed kernels.
    - debian/apt.conf.autoremove: don't include linux-restricted-modules*,
      linux-image*, and linux-ubuntu-modules* in the never-removed list.

Date: 2013-03-13 21:20:11.417931+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list