Package "apt"
Name: |
apt
|
Description: |
commandline package manager
|
Latest version: |
2.0.10 |
Release: |
focal (20.04) |
Level: |
updates |
Repository: |
main |
Links
Download "apt"
Other versions of "apt" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
apt (2.0.4) focal; urgency=medium
[ Julian Andres Klode ]
* Merge 2.0.2ubuntu0.1 and 2.0.2ubuntu0.2 security updates with 2.0.3
release.
* pkgnames: Correctly set the default for AllNames to false, and do not
exclude virtual packages if --all-names is specified (LP: #1876495)
* Remove expired domain that became nsfw from debian/changelog
* patterns: Terminate short pattern by ~ and ! (LP: #1911676)
* Improve immediate configuration handling (LP: #1871268)
- Do not immediately configure m-a: same packages in lockstep
- Ignore failures from immediate configuration. This does not change the
actual installation ordering - we never passed the return code to the
caller and installation went underway anyway if it could be ordered at a
later stage, this just removes spurious after-the-fact errors.
[ JCGoran ]
* Fix "extended_states" typo in apt-mark(8) (Closes: #969086)
|
Source diff to previous version |
1876495 |
bash-completion incorrectly shows source package names for APT |
1911676 |
Short pattern not terminated by ~ or ! |
1871268 |
Installation fails due to useless immediate configuration error when \ |
969086 |
apt-mark man page has a typo: "extended_status" -> "extended_states" |
|
apt (2.0.2ubuntu0.2) focal-security; urgency=high
* SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
- apt-pkg/contrib/arfile.cc: add extra checks.
- apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
- apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
- test/*: add tests.
- CVE-2020-27350
* Additional hardening:
- apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB
* .gitlab-ci.yml: Test on focal, not unstable
-- Julian Andres Klode <email address hidden> Mon, 07 Dec 2020 12:08:43 +0100
|
Source diff to previous version |
apt (2.0.2ubuntu0.1) focal-security; urgency=high
* SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
- apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
member names in error path
- apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
member names in error path
- CVE-2020-3810
-- Julian Andres Klode <email address hidden> Tue, 12 May 2020 22:02:05 +0200
|
1878177 |
CVE-2020-3810 out-of-bound stack reads in arfile |
CVE-2020-3810 |
apt out-of-bounds read in .ar implemation |
|
About
-
Send Feedback to @ubuntu_updates