apt 1.6.12ubuntu0.2 source package in Ubuntu

Changelog

apt (1.6.12ubuntu0.2) bionic-security; urgency=high

  * SECURITY UPDATE: Integer overflow in parsing (LP: #1899193)
    - apt-pkg/contrib/arfile.cc: add extra checks.
    - apt-pkg/contrib/tarfile.cc: limit tar item sizes to 128 GiB
    - apt-pkg/deb/debfile.cc: limit control file sizes to 64 MiB
    - test/*: add tests.
    - CVE-2020-27350
  * Additional hardening:
    - apt-pkg/contrib/tarfile.cc: Limit size of long names and links to 1 MiB

 -- Julian Andres Klode <email address hidden>  Mon, 07 Dec 2020 12:13:36 +0100

Upload details

Uploaded by:
Julian Andres Klode
Sponsored by:
Marc Deslauriers
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
admin
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Bionic security main admin

Downloads

File Size SHA-256 Checksum
apt_1.6.12ubuntu0.2.tar.xz 2.1 MiB ac42add9c4ea9aab938b99b3d11f274ad7bf8e24307f2f3c673bb83a30f57c6c
apt_1.6.12ubuntu0.2.dsc 2.8 KiB e038b1b45fa8278c9457223936b8a963886b10b955c0dd3836baf06bd03d5317

View changes file

Binary packages built by this source

apt: commandline package manager

 This package provides commandline tools for searching and
 managing as well as querying information about packages
 as a low-level access to all features of the libapt-pkg library.
 .
 These include:
  * apt-get for retrieval of packages and information about them
    from authenticated sources and for installation, upgrade and
    removal of packages together with their dependencies
  * apt-cache for querying available information about installed
    as well as installable packages
  * apt-cdrom to use removable media as a source for packages
  * apt-config as an interface to the configuration settings
  * apt-key as an interface to manage authentication keys

apt-dbgsym: debug symbols for apt
apt-doc: documentation for APT

 This package contains the user guide and offline guide for various
 APT tools which are provided in a html and a text-only version.

apt-transport-https: transitional package for https support

 This is a dummy transitional package - https support has been moved into
 the apt package in 1.5. It can be safely removed.

apt-utils: package management related utility programs

 This package contains some less used commandline utilities related
 to package management with APT.
 .
  * apt-extracttemplates is used by debconf to prompt for configuration
    questions before installation.
  * apt-ftparchive is used to create Packages and other index files
    needed to publish an archive of Debian packages
  * apt-sortpkgs is a Packages/Sources file normalizer.

apt-utils-dbgsym: debug symbols for apt-utils
libapt-inst2.0: deb package format runtime library

 This library provides methods to query and extract information
 from deb packages. This includes the control data and the package
 file content.

libapt-inst2.0-dbgsym: debug symbols for libapt-inst2.0
libapt-pkg-dev: development files for APT's libapt-pkg and libapt-inst

 This package contains the header files and libraries for
 developing with APT's libapt-pkg Debian package manipulation
 library and the libapt-inst deb/tar/ar library.

libapt-pkg-doc: documentation for APT development

 This package contains documentation for development of the APT
 Debian package manipulation program and its libraries.
 .
 This includes the source code documentation generated by doxygen
 in html format.

libapt-pkg5.0: package management runtime library

 This library provides the common functionality for searching and
 managing packages as well as information about packages.
 Higher-level package managers can depend upon this library.
 .
 This includes:
  * retrieval of information about packages from multiple sources
  * retrieval of packages and all dependent packages
    needed to satisfy a request either through an internal
    solver or by interfacing with an external one
  * authenticating the sources and validating the retrieved data
  * installation and removal of packages in the system
  * providing different transports to retrieve data over cdrom, ftp,
    http(s), rsh as well as an interface to add more transports like
    tor+http(s) (apt-transport-tor).

libapt-pkg5.0-dbgsym: debug symbols for libapt-pkg5.0