Ubuntu
aptdaemon package

  1. Bug #959131
  2. Comment #0

Comment 0 for bug 959131

Revision history for this message
Sebastian Heinlein (glatzor) wrote : Doens't detect unauthenticated packages if the transaction hasn't been simulated before

Aptdaemon allows to install unauthenticated packages using software-center or update-manager.

Background: Aptdaemon only checks for unauthenticated packages during the simulation of a transaction. Normally aptdaemon should simulate every transaction before it is queued, even if the client hasn't explicitly called the Simulate method of the transaction before (e.g. update-manager and software-center don't simulate the transactions). But there is an error in aptdaemon.core.TransactionQueue.put() which results in the transactions being queued and applied before they are simulated.

Two steps are required to resolve this issue:

(1) Perform a re-check of unauthenticated packages directly before applying the changes

(2) Fix the automatic simulation of transactions [But this part could be skipped for a security fix release]

Thanks a lot to Michael Vogt for detecing and providing a fix for this issue.