diff -Nru apt-1.2.15/apt-pkg/contrib/gpgv.cc apt-1.2.15ubuntu0.1/apt-pkg/contrib/gpgv.cc
--- apt-1.2.15/apt-pkg/contrib/gpgv.cc 2016-10-31 15:31:39.000000000 +0100
+++ apt-1.2.15ubuntu0.1/apt-pkg/contrib/gpgv.cc 2016-12-06 16:15:58.000000000 +0100
@@ -235,6 +235,19 @@
 }
 /*}}}*/
 // SplitClearSignedFile - split message into data/signature /*{{{*/
+static int GetLineErrno(char **lineptr, size_t *n, FILE *stream, std::string const &InFile)
+{
+ int result;
+
+ errno = 0;
+ result = getline(lineptr, n, stream);
+ if (errno != 0) {
+ _error->Errno("getline", "Could not read from %s", InFile.c_str());
+ return -1;
+ }
+
+ return result;
+}
 bool SplitClearSignedFile(std::string const &InFile, FileFd * const ContentFile, std::vector * const ContentHeader, FileFd * const SignatureFile)
 {
@@ -250,7 +263,7 @@
 char *buf = NULL;
 size_t buf_size = 0;
- while (getline(&buf, &buf_size, in) != -1)
+ while (GetLineErrno(&buf, &buf_size, in, InFile) != -1)
 {
 _strrstrip(buf);
 if (found_message_start == false)
@@ -314,6 +327,17 @@
 if (buf != NULL)
 free(buf);
+ // Flush the files. Errors will be checked below.
+ if (SignatureFile != nullptr)
+ SignatureFile->Flush();
+ if (ContentFile != nullptr)
+ ContentFile->Flush();
+
+ // An error occured during reading - propagate it up
+ if (_error->PendingError()) {
+ return false;
+ }
+
 if (found_signature == true)
 return _error->Error("Signature in file %s wasn't closed", InFile.c_str());
diff -Nru apt-1.2.15/debian/changelog apt-1.2.15ubuntu0.1/debian/changelog
--- apt-1.2.15/debian/changelog 2016-10-31 15:31:39.000000000 +0100
+++ apt-1.2.15ubuntu0.1/debian/changelog 2016-12-06 16:19:28.000000000 +0100
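Review bot: `GetLineErrno` stores the `ssize_t` returned by getline() in an `int`, so on LP64 platforms a very long line can be narrowed, and a narrowed value of -1 would pass the caller's `!= -1` loop test in the second hunk as a clean end of file with no error recorded. Declaring both the helper and its local as `ssize_t` (`static ssize_t GetLineErrno(...)`, `ssize_t result = getline(lineptr, n, stream);`) removes the narrowing. The failure test would also be tighter as `if (result == -1 && errno != 0)`, since a successful call is not required to leave errno at 0. The helper sits under the `SplitClearSignedFile` fold comment with no comment of its own; a one-line `// GetLineErrno - getline() wrapper that reports read failures via _error` would say why it exists.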
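Review bot: The two `Flush()` calls in the third hunk discard their results, and the new `_error->PendingError()` test reads the shared error stack, so it would presumably also fire for an error queued before this function ran, in which case the failure the caller sees may not name this file. If `FileFd::Flush()` reports failure through its return value (its declaration is not visible here), checking it at the call site keeps the failure local, e.g. `if (SignatureFile != nullptr && SignatureFile->Flush() == false) return false;`. The early return sits after `free(buf)`, so the line buffer is not leaked, but whether `in` has already been closed is outside the hunk. The comment above the check could also state that a read error must take precedence over the "Signature in file %s wasn't closed" test that follows, which is why the order matters.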
@@ -1,3 +1,12 @@
+apt (1.2.15ubuntu0.1) xenial-security; urgency=high
+
+ * SECURITY UPDATE: gpgv: Check for errors during reading, esp. getline()
+ Thanks to Jann Horn, Google Project Zero for reporting the issue
+ (LP: #1647467) (CVE-2016-1252)
+ * gpgv: Flush the files before checking for errors
+
+ -- Julian Andres Klode Tue, 06 Dec 2016 16:19:18 +0100
+
 apt (1.2.15) xenial; urgency=medium
 New micro release with bug fixes up to (and including) 1.3.1 (LP: #1638021)
diff -Nru apt-1.2.15/debian/control apt-1.2.15ubuntu0.1/debian/control
--- apt-1.2.15/debian/control 2016-10-31 15:31:39.000000000 +0100
+++ apt-1.2.15ubuntu0.1/debian/control 2016-12-06 16:20:58.000000000 +0100
@@ -1,7 +1,8 @@
 Source: apt
 Section: admin
 Priority: important
-Maintainer: APT Development Team
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: APT Development Team
 Uploaders: Michael Vogt , Julian Andres Klode
 Standards-Version: 3.9.7