This bug was fixed in the package apt - 1.2.18

---------------
apt (1.2.18) xenial; urgency=high

  * SECURITY UPDATE: gpgv: Check for errors when splitting files (CVE-2016-1252)
    Thanks to Jann Horn, Google Project Zero for reporting the issue
    (LP: #1647467)
  * gpgv: Flush the files before checking for errors

apt (1.2.17) xenial; urgency=medium

  [ David Kalnischkies ]
  * apt-key: warn instead of fail on unreadable keyrings (LP: #1642386)
  * show apt-key warnings in apt update (Closes: 834973)

  [ Julian Andres Klode ]
  * test-releasefile-verification: installaptold: Clean up before run

apt (1.2.16) xenial; urgency=medium

  [ David Kalnischkies ]
  * avoid changing the global LC_TIME for Release writing
  * use de-localed std::put_time instead rolling our own
  * accept only the expected UTC timezones in date parsing (Closes: 819697)
  * avoid std::get_time usage to sidestep libstdc++6 bug (LP: #1593583)
  * imbue datetime parsing with C.UTF-8 locale (Closes: 828011)
  * prevent C++ locale number formatting in text APIs (try 2) (Closes: 832044)
  * prevent C++ locale number formatting in text APIs (try 3) (LP: #1611010)
    (LP: #1592817)
  * imbue .diff/Index parsing with C.UTF-8 as well

  [ Julian Andres Klode ]
  * Use C locale instead of C.UTF-8 for protocol strings
  * Add shippable.yml for CI on Shippable
  * Revert "if the FileFd failed already following calls should fail, too"
    (LP: #1641905)

 -- Julian Andres Klode <juli...@ubuntu.com>  Thu, 08 Dec 2016 15:28:08
+0100

** Changed in: apt (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-1252

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1593583

Title:
  Invalid 'Date' entry in Release file
  /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_yakkety-
  proposed_InRelease

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Xenial:
  Fix Released
Status in apt source package in Yakkety:
  New

Bug description:
  Continuously get that warning when using synaptic to reload the
  sources. This happen with apt 1.3-exp2 only.

  This seems a regression as per that old report:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809329

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: apt 1.3~exp2
  ProcVersionSignature: Ubuntu 4.6.0-7.8-generic 4.6.0
  Uname: Linux 4.6.0-7-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
  ApportVersion: 2.20.1-0ubuntu4
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Jun 17 08:19:22 2016
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

  For the SRU:

  [Impact]
  Prevent adding this regression to 1.2.16
  [Test case]
  Parse (Release file with) date where hour is single digit
  [Regression potential]
  Should be very low, we are running this in yakkety too, and in Debian since 
quite some time.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1593583/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to