[ubuntu/xenial-updates] aptdaemon 1.1.1+bzr982-0ubuntu14.5 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Dec 8 16:58:28 UTC 2020
aptdaemon (1.1.1+bzr982-0ubuntu14.5) xenial-security; urgency=medium
* SECURITY UPDATE: info disclosure via transaction properties
(LP: #1899513)
- debian/patches/CVE-2020-16128.patch: drop privileges when doing file
checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
aptdaemon/utils.py.
- CVE-2020-16128
* SECURITY UPDATE: policykit checks are too late (LP: #1899193)
- debian/patches/CVE-2020-27349.patch: check PolicyKit before
simulating local install in aptdaemon/core.py.
- CVE-2020-27349
Date: 2020-12-02 14:13:18.240900+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu14.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list