apt 1.9.4ubuntu0.1 source package in Ubuntu


apt (1.9.4ubuntu0.1) eoan-security; urgency=high

  * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
    - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
    - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
      member names in error path
    - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
      member names in error path
    - CVE-2020-3810

 -- Julian Andres Klode <email address hidden>  Tue, 12 May 2020 22:04:30 +0200

Upload details

Uploaded by:
Julian Andres Klode on 2020-05-13
Sponsored by:
Alex Murray
Uploaded to:
Original maintainer:
Ubuntu Developers
any all
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Eoan updates on 2020-05-14 main admin
Eoan security on 2020-05-14 main admin


File Size SHA-256 Checksum
apt_1.9.4ubuntu0.1.tar.xz 2.1 MiB eff2c8bc96f753cab37b2be1902e56441287c974084975ee3e31bc19ae161cb1
apt_1.9.4ubuntu0.1.dsc 2.5 KiB e0824e1925047fcc1a654346f3b719590cbbcd90f9c8fd58f6107fd6bfddfa50

View changes file

Binary packages built by this source

apt: commandline package manager

 This package provides commandline tools for searching and
 managing as well as querying information about packages
 as a low-level access to all features of the libapt-pkg library.
 These include:
  * apt-get for retrieval of packages and information about them
    from authenticated sources and for installation, upgrade and
    removal of packages together with their dependencies
  * apt-cache for querying available information about installed
    as well as installable packages
  * apt-cdrom to use removable media as a source for packages
  * apt-config as an interface to the configuration settings
  * apt-key as an interface to manage authentication keys

apt-dbgsym: debug symbols for apt
apt-doc: documentation for APT

 This package contains the user guide and offline guide for various
 APT tools which are provided in a html and a text-only version.

apt-transport-https: transitional package for https support

 This is a dummy transitional package - https support has been moved into
 the apt package in 1.5. It can be safely removed.

apt-utils: package management related utility programs

 This package contains some less used commandline utilities related
 to package management with APT.
  * apt-extracttemplates is used by debconf to prompt for configuration
    questions before installation.
  * apt-ftparchive is used to create Packages and other index files
    needed to publish an archive of Debian packages
  * apt-sortpkgs is a Packages/Sources file normalizer.

apt-utils-dbgsym: debug symbols for apt-utils
libapt-pkg-dev: development files for APT's libapt-pkg and libapt-inst

 This package contains the header files and libraries for
 developing with APT's libapt-pkg Debian package manipulation
 library and the libapt-inst deb/tar/ar library.

libapt-pkg-doc: documentation for APT development

 This package contains documentation for development of the APT
 Debian package manipulation program and its libraries.
 This includes the source code documentation generated by doxygen
 in html format.

libapt-pkg5.90: package management runtime library

 This library provides the common functionality for searching and
 managing packages as well as information about packages.
 Higher-level package managers can depend upon this library.
 This includes:
  * retrieval of information about packages from multiple sources
  * retrieval of packages and all dependent packages
    needed to satisfy a request either through an internal
    solver or by interfacing with an external one
  * authenticating the sources and validating the retrieved data
  * installation and removal of packages in the system
  * providing different transports to retrieve data over cdrom, ftp,
    http(s), rsh as well as an interface to add more transports like
    tor+http(s) (apt-transport-tor).

libapt-pkg5.90-dbgsym: debug symbols for libapt-pkg5.90