lp:ubuntu/hardy-security/apt

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/apt
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

81. By Jamie Strandboge on 2012-06-15

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is still insecure
  - cmdline/apt-key: exit 1 immediately in net_update()
  - CVE-2012-0954
  - LP: #1013639

80. By Jamie Strandboge on 2012-06-14

adjust apt-key to ensure no collisions on subkeys too. Patch thanks to
Marc Deslauriers. (LP: #1013128)

79. By Marc Deslauriers on 2011-11-22

* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
  - cmdline/apt-key: improve key validation.

78. By Marc Deslauriers on 2011-09-22

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is insecure. (LP: #856489)
  - cmdline/apt-key: exit immediately out of net_update().
  - CVE number pending

77. By Jamie Strandboge on 2009-04-17

* SECURITY UPDATE: honor expired and revoked key signatures
  - adjust methods/gpgv.cc to mark a signature as valid only if GOODSIG
    is set by gpgv
  - CVE-XXXX-XXXX
  - Patch from Michael Vogt
* SECURITY UPDATE: ensure automatic updates are not permanently disabled
  in certain situations when the timezone's DST starts at midnight
  - adjust debian/apt.cron.daily to check the return code of date
  - CVE-XXXX-XXXX

76. By Michael Vogt on 2008-04-22

* apt-pkg/acquire-item.cc:
  - fix signaure removal on transient network failures
    (thanks to Scott James Remnant)

75. By Michael Vogt on 2008-04-08

* cmdline/apt-key:
  - only check against master-keys in net-update to not break
    custom CDs (thanks to Colin Watson)

74. By Michael Vogt on 2008-03-13

* cmdline/apt-get.cc:
  - do two passes when installing tasks, first ignoring dependencies,
    then resolving them and run the problemResolver at the end
    so that it can correct any missing dependencies. This should
    fix livecd building for kubuntu (thanks to Jonathan Riddell
    for reporting the problem)

73. By Michael Vogt on 2008-03-11

* cmdline/apt-get.cc:
  - fix incorrect help output for -f (LP: #57487)
  - run the problemResolver after a task was installed
    so that it can correct any missing dependencies
* typo fixes (LP: #107960)

72. By Michael Vogt on 2008-03-04

[ Lionel Porcheron ]
* debian/apt.cron.daily:
  - only call gconftool if gcontool is installed (LP: #194281)

[ Michael Vogt ]
* doc/apt_preferences.5.xml:
  - fix typo (LP: #150900)
* doc/example/sources.list:
  - updated for hardy (LP: #195879)
* debian/apt.cron.daily:
  - sleep random amount of time (default within 0-30min) before
    starting the upate to hit the mirrors less hard

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/lucid/apt
This branch contains Public information 
Everyone can see this information.

Subscribers