Publishing details
Changelog
packagekit (1.1.6-2+16.04.sav0) xenial; urgency=medium
* Backport to Xenial with added security updates
* SECURITY UPDATE: authentication bypass
- debian/patches/CVE-2018-1106.patch: do not set JUST_REINSTALL on any
kind of auth failure in src/pk-transaction.c.
- CVE-2018-1106
* SECURITY UPDATE: information disclosure (LP: #1888887)
- debian/patches/CVE-2020-16121.patch: hide failures behind a single
error message in src/pk-transaction.c.
- CVE-2020-16121
* SECURITY UPDATE: untrusted local file installation (LP: #1882098)
- debian/patches/CVE-2020-16122.patch: do not trust local packages in
backends/aptcc/apt-intf.cpp.
- CVE-2020-16122
* Due FTBFS (missing AX_CXX_COMPILE_STDCXX macro to set C++14 standard):
- d/control: Set autoconf-archive (>= 20160916-1~) BD, build with backport
-- Rob Savoury <email address hidden> Fri, 30 Oct 2020 18:17:24 -0700
Builds
Built packages
-
gir1.2-packagekitglib-1.0
GObject introspection data for the PackageKit GLib library
-
gstreamer1.0-packagekit
GStreamer plugin to install codecs using PackageKit
-
libpackagekit-glib2-18
Library for accessing PackageKit using GLib
-
libpackagekit-glib2-dev
Library for accessing PackageKit using GLib (development files)
-
packagekit
Provides a package management service
-
packagekit-command-not-found
Offer to install missing programs automatically
-
packagekit-docs
Documentation for PackageKit
-
packagekit-gtk3-module
Install fonts automatically using PackageKit
-
packagekit-tools
Provides PackageKit command-line tools
Package files