lp://staging/ubuntu/natty-security/apt

Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/natty-security/apt
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

146. By Jamie Strandboge

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is still insecure
  - cmdline/apt-key: exit 1 immediately in net_update()
  - CVE-2012-0954
  - LP: #1013639

145. By Jamie Strandboge

adjust apt-key to ensure no collisions on subkeys too. Patch thanks to
Marc Deslauriers. (LP: #1013128)

144. By Marc Deslauriers

* SECURITY UPDATE: trust bypass via stale InRelease file (LP: #947108)
  - CVE-2012-0214

[ David Kalnischkies ]
* apt-pkg/acquire-item.cc:
  - remove 'old' InRelease file if we can't get a new one before
    proceeding with Release.gpg to avoid the false impression of a still
    trusted repository by a (still present) old InRelease file.
    Thanks to Simon Ruderich for reporting this issue! (CVE-2012-0214)

143. By Marc Deslauriers

* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
  - cmdline/apt-key: improve key validation.

142. By Marc Deslauriers

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is insecure. (LP: #856489)
  - cmdline/apt-key: exit immediately out of net_update().
  - CVE number pending

141. By Marc Deslauriers

* SECURITY UPDATE: incorrect InRelease file signature validation
  (LP: #784473)
  - apt-pkg/indexcopy.cc, methods/gpgv.cc: Ensure file starts with
    clearsigned message header.
  - patch thanks to David Kalnischkies.
  - CVE-2011-1829

140. By Michael Vogt

[ Michael Vogt ]
* debian/apt.cron.daily:
  - run unattended-upgrades even if there was a error during
    the apt-get update (LP: #676295)

[ Julian Andres Klode ]
* apt-pkg/indexcopy.cc:
  - Use RealFileExists() instead of FileExists(), allows amongst other
    things a directory named Sources to exist on a CD-ROM (LP: #750694).

[ David Kalnischkies ]
* apt-pkg/pkgcache.cc:
  - use the native Architecture stored in the cache header instead of
    loading it from configuration as suggested by Julian Andres Klode

139. By Michael Vogt

* merge fixes from debian-sid, most notable the handling of
  arch=all architectures in python-apt (LP: #733741)
* apt-pkg/aptconfiguration.cc:
  - fix comparing for a empty string

138. By Michael Vogt

merged fixes from the debian-sid (LP: #744832)

137. By Michael Vogt

* po/makefile:
  - add hack to run MSGMERGE again if it segfaults. this is to help
    powerpc to bootstrap
* mirror method:
  - merge fix from Matt Zimmerman, many thanks (LP: #741098)
  - do not crash if the mirror file fails to download

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/oneiric/apt
This branch contains Public information 
Everyone can see this information.

Subscribers