apt 2.0.2ubuntu0.1 source package in Ubuntu


apt (2.0.2ubuntu0.1) focal-security; urgency=high

  * SECURITY UPDATE: Out of bounds read in ar, tar implementations (LP: #1878177)
    - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read in member name
    - apt-pkg/contrib/arfile.cc: Fix out-of-bounds read on unterminated
      member names in error path
    - apt-pkg/contrib/extracttar.cc: Fix out-of-bounds read on unterminated
      member names in error path
    - CVE-2020-3810

 -- Julian Andres Klode <email address hidden>  Tue, 12 May 2020 22:02:05 +0200

Upload details

Uploaded by:
Julian Andres Klode on 2020-05-13
Sponsored by:
Alex Murray
Uploaded to:
Original maintainer:
Ubuntu Developers
any all
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates on 2020-05-14 main admin
Focal security on 2020-05-14 main admin


File Size SHA-256 Checksum
apt_2.0.2ubuntu0.1.tar.xz 2.1 MiB 5e4ac597e285088a44ec12a7e013ccc174b1653f1863da6354eee0a53aa519c0
apt_2.0.2ubuntu0.1.dsc 2.5 KiB db278b3b0a049a284a653013b282a8eefe06c3d970c1c21a3d47d4b501b3dc55

View changes file

Binary packages built by this source

apt: commandline package manager

 This package provides commandline tools for searching and
 managing as well as querying information about packages
 as a low-level access to all features of the libapt-pkg library.
 These include:
  * apt-get for retrieval of packages and information about them
    from authenticated sources and for installation, upgrade and
    removal of packages together with their dependencies
  * apt-cache for querying available information about installed
    as well as installable packages
  * apt-cdrom to use removable media as a source for packages
  * apt-config as an interface to the configuration settings
  * apt-key as an interface to manage authentication keys

apt-dbgsym: debug symbols for apt
apt-doc: documentation for APT

 This package contains the user guide and offline guide for various
 APT tools which are provided in a html and a text-only version.

apt-transport-https: transitional package for https support

 This is a dummy transitional package - https support has been moved into
 the apt package in 1.5. It can be safely removed.

apt-utils: package management related utility programs

 This package contains some less used commandline utilities related
 to package management with APT.
  * apt-extracttemplates is used by debconf to prompt for configuration
    questions before installation.
  * apt-ftparchive is used to create Packages and other index files
    needed to publish an archive of Debian packages
  * apt-sortpkgs is a Packages/Sources file normalizer.

apt-utils-dbgsym: debug symbols for apt-utils
libapt-pkg-dev: development files for APT's libapt-pkg and libapt-inst

 This package contains the header files and libraries for
 developing with APT's libapt-pkg Debian package manipulation
 library and the libapt-inst deb/tar/ar library.

libapt-pkg-doc: documentation for APT development

 This package contains documentation for development of the APT
 Debian package manipulation program and its libraries.
 This includes the source code documentation generated by doxygen
 in html format.

libapt-pkg6.0: package management runtime library

 This library provides the common functionality for searching and
 managing packages as well as information about packages.
 Higher-level package managers can depend upon this library.
 This includes:
  * retrieval of information about packages from multiple sources
  * retrieval of packages and all dependent packages
    needed to satisfy a request either through an internal
    solver or by interfacing with an external one
  * authenticating the sources and validating the retrieved data
  * installation and removal of packages in the system
  * providing different transports to retrieve data over cdrom, ftp,
    http(s), rsh as well as an interface to add more transports like
    tor+http(s) (apt-transport-tor).

libapt-pkg6.0-dbgsym: debug symbols for libapt-pkg6.0