This bug was fixed in the package apt - 1.6.8 --------------- apt (1.6.8) bionic; urgency=medium
* merge security update: content injection in http method (CVE-2019-3462) apt (1.6.7) bionic; urgency=medium [ Milo Casagrande ] * [l10n] Update Italian translation [ Julian Andres Klode ] * NeverAutoRemove kernel meta packages (LP: #1787460) * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * Merge translations from 1.8 series -- Julian Andres Klode <juli...@ubuntu.com> Fri, 25 Jan 2019 12:51:00 +0100 ** Changed in: apt (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1811120 Title: Backport auth.conf.d Status in apt package in Ubuntu: Fix Released Status in apt source package in Trusty: Triaged Status in apt source package in Xenial: Triaged Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: [Impact] Backport auth.conf.d support to allow specifying per-repository authentication data in separate files, so packages can setup authenticated repositories. [Regression potential] We ignore errors from opening auth.conf.d files, so regressions can only occur when parsing a file fails, in which case apt would exit with an error. [Test case] The test suite provides autopkgtests for auth.conf.d which creates an auth.conf.d file and checks that it is successfully used; so we can check if those passed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1811120/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp