This is a problem in unattended-upgrades reusing apt.Version objects
after reopening the cache.

python-apt does not verify that objects like versions passed to
apt_pkg.DepCache belong to the same cache. Hence we get out of bounds
writes and memory corruption if these reference cache objects with IDs
outside of the cache range (like dependency 1024 in a cache with 100
dependencies), or, maybe even worse, we mark the wrong things (like set
the candidate for an entirely different package). Hence this was not
detected. I added checks to python-apt now to detect this situation
where possible, and will release that shortly.

** Changed in: unattended-upgrades (Ubuntu Bionic)
       Status: Invalid => Triaged

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.


To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to