apt (1.2.32ubuntu0.1) xenial-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP:
#1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
* Add .gitlab-ci.yml for CI testing on Salsa
apt (1.2.32) xenial; urgency=medium
* Add test case for local-only packages pinned to never
* Prevent shutdown while running dpkg (LP: #1820886)
* Add linux-{buildinfo,image-unsigned,source} versioned kernel pkgs
(LP: #1821640)
apt (1.2.31) xenial; urgency=medium
* Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
* apt.dirs: Install auth.conf.d directory (LP: #1818996)
* Merge translations from 1.6.10 (via 1.4.y branch)
apt (1.2.30) xenial; urgency=medium
* merge security upload for content injection in http method (CVE-2019-3462);
with fixed autopkgtest (LP: #1815750)
* Introduce experimental 'never' pinning for sources (LP: #1814727)
* Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120)
* Add a Packages-Require-Authorization Release file field (LP: #1814727)
* NeverAutoRemove kernel meta packages (LP: #1787460)
* doc: Set ubuntu-codename to xenial (LP: #1812696)
* update: Provide APT::Update-Post-Invoke-Stats script hook point
(LP: #1815760)
* Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)
Date: 2020-05-13 13:16:15.047351+00:00
Changed-By: Julian Andres Klode <julian.kl...@canonical.com>
Signed-By: Alex Murray <alex.mur...@canonical.com>
https://launchpad.net/ubuntu/+source/apt/1.2.32ubuntu0.1
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
