[ubuntu/xenial-security] aptdaemon 1.1.1+bzr982-0ubuntu14.5 (Accepted)

Marc Deslauriers Tue, 08 Dec 2020 07:51:54 -0800

aptdaemon (1.1.1+bzr982-0ubuntu14.5) xenial-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349


Date: 2020-12-02 14:13:18.240900+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu14.5

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] aptdaemon 1.1.1+bzr982-0ubuntu14.5 (Accepted)

Reply via email to