ubuntu/+source/apt:ubuntu/precise-security

Last commit made on 2014-10-08
Get this branch:
git clone -b ubuntu/precise-security https://git.launchpad.net/ubuntu/+source/apt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/precise-security
Repository:
lp:ubuntu/+source/apt

Recent commits

78b84c7... by Michael Vogt on 2014-10-08

Import patches-unapplied version 0.8.16~exp12ubuntu10.21 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5fcb1535329778d3c4b68c487c20c760163f8826

New changelog entries:
  * SECURITY UPDATE:
    - cmdline/apt-get.cc: fix insecure tempfile handling in
      apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover

5fcb153... by Michael Vogt on 2014-09-23

Import patches-unapplied version 0.8.16~exp12ubuntu10.20.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 559d1a575e6393f18db8be23b5da8c8b0a5cc9dc

New changelog entries:
  * SECURITY UPDATE:
    - fix potential buffer overflow, thanks to the
      Google Security Team (CVE-2014-6273)
  * Fix regression in 0.9.7.9+deb7u3 when file:/// sources
    are used and those are on a different partition than
    the apt state directoryo (LP: #1371058)
  * Revert FileFd::ReadOnlyGzip change
  * Fix regression when Dir::state::lists is set to a relative path
  * Fix regression when cdrom: sources got rewriten by apt-cdrom add

559d1a5... by Michael Vogt on 2014-09-15

Import patches-unapplied version 0.8.16~exp12ubuntu10.19 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 06a482585b7eae62d317d16d26559c7591b3bf1e

New changelog entries:
  * SECURITY UPDATE:
    - incorrect invalidating of unauthenticated data (CVE-2014-0488)
    - incorect verification of 304 reply (CVE-2014-0487)
    - incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
    - incorrect apt-get download validation (CVE-2014-0490)

06a4825... by Michael Vogt on 2014-06-12

Import patches-unapplied version 0.8.16~exp12ubuntu10.17 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: fa648a86b54a0f89b1a46f62d96fc6d49a1c1681

New changelog entries:
  * SECURITY UPDATE: incorrect apt-get source validation (LP: #1329274)
    - warn if not authenticated in cmdline/apt-get.cc, added regression
      test to test/integration/test-apt-get-source-authenticated,
      test/integration/framework.
    - CVE-2014-0478

fa648a8... by Adam Conrad on 2013-11-15

Import patches-unapplied version 0.8.16~exp12ubuntu10.16 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 699fb4167ddad7bb141ab2131475ebad5419c20b

New changelog entries:
  * Keep linux-tools packages matching installed kernels (LP: #1205284)

699fb41... by Colin Watson on 2013-10-03

Import patches-unapplied version 0.8.16~exp12ubuntu10.15 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: e643bc81fdf30ccf7cc793dd76e48b6d19a538c8

New changelog entries:
  [ David Kalnischkies ]
  * ftparchive/writer.cc:
    - handle the APT::FTPArchive::Packages::SHA512 option correctly instead
      of overriding SHA256, thanks Christian Marillat! (Closes: #680252,
      LP: #1234691)
  [ Colin Watson ]
  * Fix apt-ftparchive's generation of SHA512 checksums for Sources,
    previously incorrectly generated as SHA256 (LP: #1234705).

e643bc8... by Dave Chiluk on 2013-08-20

Import patches-unapplied version 0.8.16~exp12ubuntu10.14 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 3303f674efbb0e9e15e84fe06b3f8160f2a29332

New changelog entries:
  * Fix unhandled If-Modified-Since case that causes apt lists corruption.
    LP: #1179781

3303f67... by Dave Chiluk on 2013-07-12

Import patches-unapplied version 0.8.16~exp12ubuntu10.12 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 2137fbdf95c861cd76f035f922751346b75b2c7b

New changelog entries:
  * Add patch from Thomas Bushnell to make apt-get reuse https connections
    (LP: #1087543)

2137fbd... by Michael Vogt on 2013-04-04

Import patches-unapplied version 0.8.16~exp12ubuntu10.11 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 0aa3b37cd0a27b11858186d1edbfd3857abb727b

New changelog entries:
  [ Michael Vogt ]
  * test/integration/test-bug-1078697-missing-source-hashes:
    - add test for deb-src hash generation
  [ Marc Deslauriers ]
  * make apt-ftparchive generate missing deb-src hashes (LP: #1078697)

0aa3b37... by Marc Deslauriers on 2013-03-13

Import patches-unapplied version 0.8.16~exp12ubuntu10.10 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0282f44ac480e3692607a08629559e68da9cddf4

New changelog entries:
  * SECURITY UPDATE: InRelease verification bypass
    - CVE-2013-1051
  [ David Kalnischk ]
  [ Michael Vogt ]
  * apt-pkg/deb/debmetaindex.cc,
    test/integration/test-bug-595691-empty-and-broken-archive-files,
    test/integration/test-releasefile-verification:
    - disable InRelease downloading until the verification issue is
      fixed, thanks to Ansgar Burchardt for finding the flaw