Comment 31 for bug 1899193

This bug was fixed in the package aptdaemon - 1.1.1+bzr982-0ubuntu32.3

---------------
aptdaemon (1.1.1+bzr982-0ubuntu32.3) focal-security; urgency=medium

  * SECURITY UPDATE: info disclosure via transaction properties
    (LP: #1899513)
    - debian/patches/CVE-2020-16128.patch: drop privileges when doing file
      checks in aptdaemon/core.py, aptdaemon/worker/aptworker.py,
      aptdaemon/utils.py.
    - CVE-2020-16128
  * SECURITY UPDATE: policykit checks are too late (LP: #1899193)
    - debian/patches/CVE-2020-27349.patch: check PolicyKit before
      simulating local install in aptdaemon/core.py.
    - CVE-2020-27349

 -- Marc Deslauriers <email address hidden> Wed, 02 Dec 2020 07:42:52 -0500