Publishing details

Published on 2020-10-31

Changelog

packagekit (1.1.6-2+16.04.sav0) xenial; urgency=medium

  * Backport to Xenial with added security updates
  * SECURITY UPDATE: authentication bypass
    - debian/patches/CVE-2018-1106.patch: do not set JUST_REINSTALL on any
      kind of auth failure in src/pk-transaction.c.
    - CVE-2018-1106
  * SECURITY UPDATE: information disclosure (LP: #1888887)
    - debian/patches/CVE-2020-16121.patch: hide failures behind a single
      error message in src/pk-transaction.c.
    - CVE-2020-16121
  * SECURITY UPDATE: untrusted local file installation (LP: #1882098)
    - debian/patches/CVE-2020-16122.patch: do not trust local packages in
      backends/aptcc/apt-intf.cpp.
    - CVE-2020-16122
  * Due FTBFS (missing AX_CXX_COMPILE_STDCXX macro to set C++14 standard):
    - d/control: Set autoconf-archive (>= 20160916-1~) BD, build with backport

 -- Rob Savoury <email address hidden>  Fri, 30 Oct 2020 18:17:24 -0700

Available diffs

diff from 1.1.6-2~16.04.sav0.2 (in ~savoury1/ubuntu/apt-stage-deletedppa) to 1.1.6-2+16.04.sav0 (3.4 KiB)

Builds

amd64
i386

Built packages

gir1.2-packagekitglib-1.0 GObject introspection data for the PackageKit GLib library

gstreamer1.0-packagekit GStreamer plugin to install codecs using PackageKit

libpackagekit-glib2-18 Library for accessing PackageKit using GLib

libpackagekit-glib2-dev Library for accessing PackageKit using GLib (development files)

packagekit Provides a package management service

packagekit-command-not-found Offer to install missing programs automatically

packagekit-docs Documentation for PackageKit

packagekit-gtk3-module Install fonts automatically using PackageKit

packagekit-tools Provides PackageKit command-line tools

Package files

gir1.2-packagekitglib-1.0_1.1.6-2+16.04.sav0_amd64.deb (34.5 KiB)
gir1.2-packagekitglib-1.0_1.1.6-2+16.04.sav0_i386.deb (34.5 KiB)
gstreamer1.0-packagekit_1.1.6-2+16.04.sav0_amd64.deb (21.9 KiB)
gstreamer1.0-packagekit_1.1.6-2+16.04.sav0_i386.deb (22.0 KiB)
libpackagekit-glib2-18_1.1.6-2+16.04.sav0_amd64.deb (110.5 KiB)
libpackagekit-glib2-18_1.1.6-2+16.04.sav0_i386.deb (111.7 KiB)
libpackagekit-glib2-dev_1.1.6-2+16.04.sav0_amd64.deb (68.8 KiB)
libpackagekit-glib2-dev_1.1.6-2+16.04.sav0_i386.deb (68.8 KiB)
packagekit-command-not-found_1.1.6-2+16.04.sav0_amd64.deb (29.7 KiB)
packagekit-command-not-found_1.1.6-2+16.04.sav0_i386.deb (31.0 KiB)
packagekit-docs_1.1.6-2+16.04.sav0_all.deb (367.0 KiB)
packagekit-gtk3-module_1.1.6-2+16.04.sav0_amd64.deb (21.3 KiB)
packagekit-gtk3-module_1.1.6-2+16.04.sav0_i386.deb (21.5 KiB)
packagekit-tools_1.1.6-2+16.04.sav0_amd64.deb (44.8 KiB)
packagekit-tools_1.1.6-2+16.04.sav0_i386.deb (46.4 KiB)
packagekit_1.1.6-2+16.04.sav0.debian.tar.xz (26.3 KiB)
packagekit_1.1.6-2+16.04.sav0.dsc (3.0 KiB)
packagekit_1.1.6-2+16.04.sav0_amd64.deb (532.5 KiB)
packagekit_1.1.6-2+16.04.sav0_i386.deb (545.0 KiB)
packagekit_1.1.6.orig.tar.xz (1.4 MiB)