UbuntuUpdates.org

Package "python3-aptdaemon.gtk3widgets"

Name: python3-aptdaemon.gtk3widgets

Description:

Python 3 GTK+ 3 widgets to run an aptdaemon client

Latest version: 1.1.1+bzr982-0ubuntu32.3
Release: focal (20.04)
Level: security
Repository: main
Head package: aptdaemon
Homepage: https://launchpad.net/aptdaemon

Links


Download "python3-aptdaemon.gtk3widgets"


Other versions of "python3-aptdaemon.gtk3widgets" in Focal

Repository Area Version
base main 1.1.1+bzr982-0ubuntu32
updates main 1.1.1+bzr982-0ubuntu32.3

Changelog

Version: 1.1.1+bzr982-0ubuntu32.3 2020-12-08 18:06:37 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu32.3) focal-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349

 -- Marc Deslauriers <email address hidden> Wed, 02 Dec 2020 07:42:52 -0500

Source diff to previous version
CVE-2020-16128 RESERVED
CVE-2020-27349 RESERVED

Version: 1.1.1+bzr982-0ubuntu32.2 2020-09-24 14:06:24 UTC

  aptdaemon (1.1.1+bzr982-0ubuntu32.2) focal-security; urgency=medium

  * SECURITY UPDATE: information disclosure via locale (LP: #1888235)
    - debian/patches/CVE-2020-15703.patch: reject locales with full paths
      in aptdaemon/core.py.
    - CVE-2020-15703

 -- Marc Deslauriers <email address hidden> Wed, 23 Sep 2020 07:20:14 -0400

1888235 Improper Input Validation vulnerability in Locale property of a transaction leading to Information Disclosure
CVE-2020-15703 RESERVED



About   -   Send Feedback to @ubuntu_updates