ubuntu/+source/apt:ubuntu/lucid-security

Last commit made on 2014-09-23
Get this branch:
git clone -b ubuntu/lucid-security https://git.launchpad.net/ubuntu/+source/apt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid-security
Repository:
lp:ubuntu/+source/apt

Recent commits

9e7328a... by Michael Vogt on 2014-09-23

Import patches-unapplied version 0.7.25.3ubuntu9.17.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 1d7f1fe555df3ed69b858c27aaa87631886301ff

New changelog entries:
  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression from the previous upload when file:/// sources
    are used and those are on a different partition than
    the apt state directory (LP: #1371058)
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add

1d7f1fe... by Michael Vogt on 2014-09-15

Import patches-unapplied version 0.7.25.3ubuntu9.16 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: ce6ae6b5a3d08ea9a6e20ec10c240912b2de1288

New changelog entries:
  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)

ce6ae6b... by Michael Vogt on 2014-06-12

Import patches-unapplied version 0.7.25.3ubuntu9.15 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 78cd4658c77e7c810dedd975949a46a1b5fbb32c

New changelog entries:
  * SECURITY UPDATE: incorrect apt-get source validation (LP: #1329274)
    - warn if not authenticated in cmdline/apt-get.cc.
    - CVE-2014-0478

78cd465... by Colin Watson on 2012-08-20

Import patches-unapplied version 0.7.25.3ubuntu9.14 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 806cc92319f0f8e5c2f3045495765c53cbbbc6cb

New changelog entries:
  * ftparchive/override.cc:
    - Double maximum override line length to 1000 (LP: #1038961).

806cc92... by Jamie Strandboge on 2012-06-15

Import patches-unapplied version 0.7.25.3ubuntu9.13 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: ef786fc8a1be4436960ff54f3b5735041e5e4836

New changelog entries:
  * SECURITY UPDATE: Disable apt-key net-update for now, as validation
    code is still insecure
    - cmdline/apt-key: exit 1 immediately in net_update()
    - CVE-2012-0954
    - LP: #1013639

ef786fc... by Jamie Strandboge on 2012-06-14

Import patches-unapplied version 0.7.25.3ubuntu9.12 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: fa420c510c886c05dd7a08c0fb640d04911e1f0c

New changelog entries:
  * adjust apt-key to ensure no collisions on subkeys too. Patch thanks to
    Marc Deslauriers. (LP: #1013128)

fa420c5... by Leo Iannacone on 2012-01-31

Import patches-unapplied version 0.7.25.3ubuntu9.11 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 67b40350cd3862a57891b0b4b5129a981a1435b3

New changelog entries:
  * New patch from upstream ftparchive-fix-filemode-settings.patch:
    - Ensure that BinDirectory as well as Tree settings get the correct
      default FileMode setting (LP: #917845, Closes: #595922)

67b4035... by Colin Watson on 2012-01-30

Import patches-unapplied version 0.7.25.3ubuntu9.10 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: e51df60f3bc50dc57805eef665bafc7effc92eaa

New changelog entries:
  * apt-pkg/algorithms.cc: Iterate Breaks the same way as Conflicts, so that
    we resolve virtual package Breaks more effectively (LP: #922485).
  * apt-pkg/algorithms.{cc,h}: Use an int to represent resolver scores, not
    a signed short, because large upgrades can result in an overflow for
    core packages (LP: #917173).

e51df60... by Marc Deslauriers on 2011-11-22

Import patches-unapplied version 0.7.25.3ubuntu9.9 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: b82f5e652fc16f47c1ccfe375b53cc6f784b17a6

New changelog entries:
  * SECURITY UPDATE: sensitive information disclosure via incorrect
    hostname validation (LP: #868353)
    - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
    - CVE-2011-3634
  * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
    - cmdline/apt-key: improve key validation.

b82f5e6... by Adam Conrad on 2011-10-04

Import patches-unapplied version 0.7.25.3ubuntu9.8 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: d5799c4eb16463041e9d16496634270b785751f1

New changelog entries:
  * Backports of various archive-support features (LP: #865828):
    - update xz support to also support xz Packages and Sources
    - backport apt-ftparchive support for splitting out long
      descriptions from the Packages file into Translations-en
    - backport fix for apt-ftparchive hang from debian-sid branch
  * The above backports were all heavily tested on the Ubuntu
    ftpmaster machines in a previously-released internal version