Hello errors.ubuntu.com, or anyone else affected,

Accepted python-apt into trusty-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/python-
apt/ in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-trusty to verification-done-trusty. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-trusty. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python-apt in Ubuntu.

  python-apt crashes if objects of one cache are passed to depcache
  belonging to another cache

Status in python-apt package in Ubuntu:
  Fix Released
Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in python-apt source package in Trusty:
  Fix Committed
Status in unattended-upgrades source package in Trusty:
  Won't Fix
Status in python-apt source package in Xenial:
  Fix Committed
Status in unattended-upgrades source package in Xenial:
  Won't Fix
Status in python-apt source package in Bionic:
  Fix Released
Status in unattended-upgrades source package in Bionic:
  Fix Released

Bug description:
  Some applications, like unattended-upgrades or update-manager, reopen the apt 
cache. They also keep around old apt.Package objects however, and operate on 
them after reopening. Under the hood, this means that apt_pkg.Package objects 
belonging to an old cache are passed to a new cache.

  APT relies on the ID of the package (it's position in the cache) for
  it's operation. So if a package has ID 0 in the old cache, and a
  different package has ID 0 in the new cache, performing operations on
  the old package would perform it on the new package. If the old
  package's ID is out of bounds in the new cache, the behavior is
  undefined - it's an out of bounds array access.

  [Test case]
  The attached test case has a list of packages 0-9, a-z; stores the package 
"z" into a variable, then reopens the cache. It then marks z for deletion. This 
either segfaults or does nothing; when it should mark z for deletion.

  More test cases like this are in the autopkgtest.

  [Regression potential]
  The initial fix introduced bug 1780099, there might be similar bugs lurking. 
However, these bugs would have been undefined behavior before and might have 
caused segmentation faults or did the wrong thing. It seems likely that any 
regression cannot possibly be worse than the current state.

  [Other info]
  The xenial SRU also includes the change "python/tag.cc: Fix invalid read in 
TagFileNext". We don't have any specific verification for it, as we just saw 
weird crashes on the error tracker, and this seemed like the culprit. We 
released bionic with it, and it seems fine.  The fix is fairly obvious: We were 
copying the char array "Start" which was not nul terminated in an odd way, 
without using the lenght.

  [Original bug report]
  The Ubuntu Error Tracker has been receiving reports about a problem regarding 
unattended-upgrades.  This problem was most recently seen with package version 
0.98ubuntu1, the problem page at 
contains more details, including versions of packages affected, stacktrace or 
traceback, and individual crash reports.
  If you do not have access to the Ubuntu Error Tracker and are a software 
developer, you can request it at http://forms.canonical.com/reports/.

To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to