This bug was fixed in the package apt - 1.0.9.2ubuntu1
---------------
apt (1.0.9.2ubuntu1) utopic; urgency=low
* merge fixes from debian/sid, most importantly CVE-2014-7206
(LP: #1378680)
apt (1.0.9.2) unstable; urgency=medium
[ Michael Vogt ]
* test/integration/test-apt-update-file: improve test
* Fix regression when copy: is used for a relative path (Closes: #762160)
* generalize Acquire::GzipIndex to support all compressions that
apt supports
* Fix regression for cdrom: sources from latest security update
* Ensure that iTFRewritePackageOrder is "MD5sum" to match
apt-ftparchive
* debian/rules: add hardening=+all.
Thanks to Simon Ruderich, Markus Waldeck
[ Holger Wansing ]
* German program translation update (Closes: 762223)
[ Jérémy Bobbio ]
* disable timestamps in the footer of docs by doxygen
[ Trần Ngọc Quân ]
* Set STRIP_FROM_PATH for doxygen
[ Guillem Jover ]
* apt-get: Create the temporary downloaded changelog inside tmpdir
(closes: #763780)
-- Michael Vogt <[email protected]> Wed, 08 Oct 2014 10:45:34 +0200
** Changed in: apt (Ubuntu Utopic)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1378680
Title:
Insecure tempfile handling
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1378680/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
