Ubuntu
apt package

lp:ubuntu/hardy-security/apt

Hardy (8.04)
hardy-security

Created by James Westby on 2009-12-05 and last modified on 2012-06-15

Get this branch:: bzr branch lp:ubuntu/hardy-security/apt

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

81. By Jamie Strandboge on 2012-06-15

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is still insecure
  - cmdline/apt-key: exit 1 immediately in net_update()
  - CVE-2012-0954
  - LP: #1013639

80. By Jamie Strandboge on 2012-06-14

adjust apt-key to ensure no collisions on subkeys too. Patch thanks to
Marc Deslauriers. (LP: #1013128)

79. By Marc Deslauriers on 2011-11-22

* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
- cmdline/apt-key: improve key validation.

78. By Marc Deslauriers on 2011-09-22

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is insecure. (LP: #856489)
  - cmdline/apt-key: exit immediately out of net_update().
  - CVE number pending

77. By Jamie Strandboge on 2009-04-17

* SECURITY UPDATE: honor expired and revoked key signatures
  - adjust methods/gpgv.cc to mark a signature as valid only if GOODSIG
    is set by gpgv
  - CVE-XXXX-XXXX
  - Patch from Michael Vogt
* SECURITY UPDATE: ensure automatic updates are not permanently disabled
  in certain situations when the timezone's DST starts at midnight
  - adjust debian/apt.cron.daily to check the return code of date
  - CVE-XXXX-XXXX

76. By Michael Vogt on 2008-04-22

* apt-pkg/acquire-item.cc:
- fix signaure removal on transient network failures
(thanks to Scott James Remnant)

75. By Michael Vogt on 2008-04-08

* cmdline/apt-key:
- only check against master-keys in net-update to not break
custom CDs (thanks to Colin Watson)

74. By Michael Vogt on 2008-03-13

* cmdline/apt-get.cc:
  - do two passes when installing tasks, first ignoring dependencies,
    then resolving them and run the problemResolver at the end
    so that it can correct any missing dependencies. This should
    fix livecd building for kubuntu (thanks to Jonathan Riddell
    for reporting the problem)

73. By Michael Vogt on 2008-03-11

* cmdline/apt-get.cc:
  - fix incorrect help output for -f (LP: #57487)
  - run the problemResolver after a task was installed
    so that it can correct any missing dependencies
* typo fixes (LP: #107960)

72. By Michael Vogt on 2008-03-04

[ Lionel Porcheron ]
* debian/apt.cron.daily:
- only call gconftool if gcontool is installed (LP: #194281)

[ Michael Vogt ]
* doc/apt_preferences.5.xml:
  - fix typo (LP: #150900)
* doc/example/sources.list:
  - updated for hardy (LP: #195879)
* debian/apt.cron.daily:
  - sleep random amount of time (default within 0-30min) before
    starting the upate to hit the mirrors less hard

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/lucid/apt

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntuapt package