aptdaemon 1.1.1+bzr982-0ubuntu32.3 source package in Ubuntu

Changelog

aptdaemon (1.1.1+bzr982-0ubuntu32.3) focal-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349

 -- Marc Deslauriers <email address hidden>  Wed, 02 Dec 2020 07:42:52 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2020-12-02
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates on 2020-12-08 main admin
Focal security on 2020-12-08 main admin

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
aptdaemon_1.1.1+bzr982.orig.tar.gz 1.2 MiB 8729ce3163279359d2dfd674aa3a4d8af49ff6a99bfd0ef670ddb7ec50698eb6
aptdaemon_1.1.1+bzr982-0ubuntu32.3.debian.tar.xz 49.2 KiB a9a7ea57ced946e880f75111b923f8c609f4f5705093e428611bb54db8b497d3
aptdaemon_1.1.1+bzr982-0ubuntu32.3.dsc 2.8 KiB 9ee48a883fb9378496c6e7f7512830d5cab380ff431f399c6b0e5563d7f024e5

View changes file

Binary packages built by this source

aptdaemon: transaction based package management service

 Aptdaemon allows normal users to perform package management tasks, e.g.
 refreshing the cache, upgrading the system, installing or removing software
 packages.
 .
 Currently it comes with the following main features:
 .
  - Programming language independent D-Bus interface, which allows one to
    write clients in several languages
  - Runs only if required (D-Bus activation)
  - Fine grained privilege management using PolicyKit, e.g. allowing all
    desktop user to query for updates without entering a password
  - Support for media changes during installation from DVD/CDROM
  - Support for debconf (Debian's package configuration system)
  - Support for attaching a terminal to the underlying dpkg call
 .
 This package contains the aptd script and all the data files required to run
 the daemon. Moreover it contains the aptdcon script, which is a command
 line client for aptdaemon. The API is not stable yet.

aptdaemon-data: data files for clients

 Aptdaemon is a transaction based package management daemon. It allows
 normal users to perform package management tasks, e.g. refreshing the
 cache, upgrading the system, installing or removing software packages.
 .
 This package provides common data files (e.g. icons) for aptdaemon
 clients.

python3-aptdaemon: Python 3 module for the server and client of aptdaemon

 Aptdaemon is a transaction based package management service. It allows
 normal users to perform package management tasks, e.g. refreshing the
 cache, upgrading the system, installing or removing software packages.
 .
 This package provides the Python 3 modules required to run aptdaemon
 and to implement a client. The API is not stable yet.

python3-aptdaemon.gtk3widgets: Python 3 GTK+ 3 widgets to run an aptdaemon client

 Aptdaemon is a transaction based package management daemon. It allows
 normal users to perform package management tasks, e.g. refreshing the
 cache, upgrading the system, installing or removing software packages.
 .
 This package provides the Python 3 GTK+ 3 widgets to implement a fully
 working graphical client. The widgets can be used to initiate, to
 monitor and to control a transaction. The API is not stable yet.

python3-aptdaemon.test: Test environment for aptdaemon clients

 Aptdaemon is a transaction based package management daemon. It allows
 normal users to perform package management tasks, e.g. refreshing the
 cache, upgrading the system, installing or removing software packages.
 .
 This package provides the aptdaemon.test module and several helper
 scripts and a test repository to write unittests for aptdaemon
 clients.