[ubuntu/trusty-security] apt 1.0.1ubuntu2.17 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Tue Dec 13 17:12:16 UTC 2016
apt (1.0.1ubuntu2.17) trusty-security; urgency=high
* SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
Thanks to Jann Horn, Google Project Zero for reporting the issue
(LP: #1647467)
apt (1.0.1ubuntu2.15) trusty; urgency=medium
* Fixes failure to download the Package index file when using
mirror:// URL in sources.list and the archive fails to profile
a file. APT would try the next archive in the list for .deb
packages but did not retry when the index file failed to download.
(LP: #1625667)
apt (1.0.1ubuntu2.14) trusty; urgency=medium
* When using the https transport mechanism, $no_proxy is ignored if apt is
getting it's proxy information from $https_proxy (as opposed to
Acquire::https::Proxy somewhere in apt config). If the source of proxy
information is Acquire::https::Proxy set in apt.conf (or apt.conf.d),
then $no_proxy is honored. This patch makes the behavior similar for
both methods of setting the proxy. (LP: #1575877)
Date: 2016-12-08 16:13:55.742240+00:00
Changed-By: Julian Andres Klode <julian.klode at gmail.com>
Signed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/+source/apt/1.0.1ubuntu2.17
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list