Debian
python-apt package

python-apt 1.8.4.1 source package in Debian

Changelog

python-apt (1.8.4.1) buster-security; urgency=high

  * SECURITY UPDATE: Check that repository is trusted before downloading
    files from it (LP: #1858973)
    - apt/cache.py: Add checks to fetch_archives() and commit()
    - apt/package.py: Add checks to fetch_binary() and fetch_source()
    - CVE-2019-15796
  * SECURITY UPDATE: Do not use MD5 for verifying downloadeds
    (Closes: #944696) (#LP: #1858972)
    - apt/package.py: Use all hashes when fetching packages, and
      check that we have trusted hashes when downloading
    - CVE-2019-15795
  * To work around the new checks, the parameter allow_unauthenticated=True
    can be passed to the functions. It defaults to the value of the
    APT::Get::AllowUnauthenticated option.
  * Automatic changes and fixes for external regressions:
    - Adjustments to test suite and CI to fix CI regressions
    - testcommon: Avoid reading host apt.conf files
    - Automatic mirror list update

 -- Julian Andres Klode <email address hidden>  Thu, 23 Jan 2020 11:10:21 +0100

Upload details

Uploaded by:
APT Development Team
Uploaded to:
Buster
Original maintainer:
APT Development Team
Architectures:
any all
Section:
python
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
python-apt_1.8.4.1.dsc 2.4 KiB 5659acc6cb5068dbcfe3aba00d29fa1b82d91f09c2c2ffbee78ebfc96e9803bb
python-apt_1.8.4.1.tar.xz 335.3 KiB e110b3fff9422c5e27b9cbd23f44e3c7f843d4517fef8b3c2058102b115b20b9

No changes file available.

Binary packages built by this source