This bug was fixed in the package apt - 1.2.31 --------------- apt (1.2.31) xenial; urgency=medium
* Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...) * apt.dirs: Install auth.conf.d directory (LP: #1818996) * Merge translations from 1.6.10 (via 1.4.y branch) apt (1.2.30) xenial; urgency=medium * merge security upload for content injection in http method (CVE-2019-3462); with fixed autopkgtest (LP: #1815750) * Introduce experimental 'never' pinning for sources (LP: #1814727) * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120) * Add a Packages-Require-Authorization Release file field (LP: #1814727) * NeverAutoRemove kernel meta packages (LP: #1787460) * doc: Set ubuntu-codename to xenial (LP: #1812696) * update: Provide APT::Update-Post-Invoke-Stats script hook point (LP: #1815760) * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761) -- Julian Andres Klode <juli...@ubuntu.com> Tue, 12 Mar 2019 14:59:01 +0100 ** Changed in: apt (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3462 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1815750 Title: autopkgtest failure due to security update Status in apt package in Ubuntu: New Status in apt source package in Trusty: Invalid Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Invalid Status in apt source package in Cosmic: Invalid Bug description: [impact] the security update for: SECURITY UPDATE: content injection in http method (CVE-2019-3462) (LP: #1812353) causes an autopkgtest failure for: Failed tests: test-cve-2019-3462-dequote-injection [test case] run autopkgtest on the security-patched version [regression potential] the test needs to be updated, so the regression potential is around the test continuing to fail. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1815750/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp