aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method

Debian Bug report logs - #789162
aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method

Date: Thu, 18 Jun 2015 14:33:43 +0200

Source: aptdaemon
Version: 1.1.1-4
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for aptdaemon, which AFICS
as well affects Debian.

CVE-2015-1323[0]:
information disclosure via simulate dbus method

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-1323
[1] http://www.ubuntu.com/usn/usn-2648-1/
[2] https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1449587

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #14 received at 789162-close@bugs.debian.org (full text, mbox, reply):

From: Julian Andres Klode <jak@debian.org>

To: 789162-close@bugs.debian.org

Subject: Bug#789162: fixed in aptdaemon 1.1.1+bzr982-1

Date: Thu, 18 Jun 2015 17:19:04 +0000

Source: aptdaemon
Source-Version: 1.1.1+bzr982-1

We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 789162@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julian Andres Klode <jak@debian.org> (supplier of updated aptdaemon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 18 Jun 2015 18:41:42 +0200
Source: aptdaemon
Binary: aptdaemon python3-aptdaemon python-aptdaemon python3-aptdaemon.test aptdaemon-data python3-aptdaemon.gtk3widgets python-aptdaemon.gtk3widgets
Architecture: source all
Version: 1.1.1+bzr982-1
Distribution: unstable
Urgency: high
Maintainer: Julian Andres Klode <jak@debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 aptdaemon  - transaction based package management service
 aptdaemon-data - data files for clients
 python-aptdaemon - Python 2 modules for the server and client of aptdaemon
 python-aptdaemon.gtk3widgets - Python 2 GTK+ 3 widgets to run an aptdaemon client
 python3-aptdaemon - Python 3 modules for the server and client of aptdaemon
 python3-aptdaemon.gtk3widgets - Python 3 GTK+ 3 widgets to run an aptdaemon client
 python3-aptdaemon.test - Test environment for aptdaemon clients
Closes: 770786 788034 789162
Changes:
 aptdaemon (1.1.1+bzr982-1) unstable; urgency=high
 .
   * Merged from Ubuntu wily.
     - Fix for CVE-2015-1323 (Closes: #789162)
     - Use vte 2.91 (Closes: #788034)
     - Fixes imports (Closes: #770786)
   * Drop PackageKit compat layer
 .
 aptdaemon (1.1.1+bzr982-0ubuntu4) wily; urgency=low
 .
   [ Michael Vogt ]
   * SECURITY UPDATE: information disclosure via simulate dbus method
     (LP: #1449587)
     - debian/patches/lp1449587.diff: drop privileges when running lintian,
       update tests.
     - CVE-2015-1323
 .
 aptdaemon (1.1.1+bzr982-0ubuntu3) vivid; urgency=low
 .
   * debian/patches/lp1356823.diff:
     - try harder to fix crash #1356823
 .
 aptdaemon (1.1.1+bzr982-0ubuntu2) vivid; urgency=low
 .
   * debian/patches/lp1356823.diff:
     - fix crash #1356823
 .
 aptdaemon (1.1.1+bzr982-0ubuntu1) vivid; urgency=low
 .
   * fix crash in _on_progress_details() (LP: #1436725)
 .
 aptdaemon (1.1.1+bzr981-0ubuntu2) vivid; urgency=medium
 .
   * autopkgtest: Don't let root reports in /var/crash fail the test.
 .
 aptdaemon (1.1.1+bzr981-0ubuntu1) vivid; urgency=medium
 .
   * New bzr snapshot:
     + Port to VTE 2.91
   * Update Vcs-* to point to vivid branch
   * Standards-Version → 3.9.6, no changes required
 .
 aptdaemon (1.1.1+bzr980-0ubuntu1) utopic; urgency=medium
 .
   * New bzr snapshot:
     - Drop obsolete gobject compatibility and gtkwidgets
     - Drop obsolete dbus.glib imports
     - Do not crash when "#" are in comments
   * Drop fix-configparser.patch, applied upstream.
   * Refresh other patches.
   * Drop python-aptdaemon.gtkwidgets and python-aptdaemon-gtk binaries. These
     have been obsolete for a long time, unmaintained/untested, and there are
     no reverse dependencies any more.
 .
 aptdaemon (1.1.1+bzr973-1ubuntu4) utopic; urgency=medium
 .
   * debian/python3-aptdaemon.pkcompat.install:
     - install pkutils.py, which is required by pkcompat.py.
 .
 aptdaemon (1.1.1+bzr973-1ubuntu3) utopic; urgency=medium
 .
   * New bzr snapshot to fix PEP-8 errors.
   * Update Vcs-* for utopic branch.
 .
 aptdaemon (1.1.1+bzr970-1ubuntu2) utopic; urgency=low
 .
   * debian/patches/lp1153725-temporary-workaround.patch:
     - dropped, tests work fine (LP: #1153725)
 .
 aptdaemon (1.1.1+bzr970-1ubuntu1) utopic; urgency=low
 .
   * New bzr snapshot
     - lp:~brian-murray/aptdaemon/package-version-in-crash
       + include package version in crash reports
   * patches already upstream:
     + upstream_lintian_2.5.18.patch
     + upstream_lp1024590.patch
     + lp1266844.patch
     + fix-ftbs.patch
Checksums-Sha1:
 4f6c4c91c2eb37a3e1ec290c2c9cb28fce6c66e2 2842 aptdaemon_1.1.1+bzr982-1.dsc
 a3c675b1db0dbe2bbc64a2d2a1736f941367a4de 1278635 aptdaemon_1.1.1+bzr982.orig.tar.gz
 b6fbe9eb467e2eddd1fe3f28e5e4bdc54aadbde7 25664 aptdaemon_1.1.1+bzr982-1.debian.tar.xz
 465e5730d5a4777a4afe16394aa5845917882671 198122 aptdaemon-data_1.1.1+bzr982-1_all.deb
 3fb189095d75d8fd5abb004254fd60b18ba64583 309448 aptdaemon_1.1.1+bzr982-1_all.deb
 18eca8684a0d6b005bdcaafd54e1944c214d4bed 33132 python-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 9041500f854e46158707b76557ac9ea0dffd34ea 93800 python-aptdaemon_1.1.1+bzr982-1_all.deb
 0c38ede4ada639967cef4718b4b63cdafaabadfa 33238 python3-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 eec2314fff3584fda78cc3a4420bfb1bf8a62e6c 104640 python3-aptdaemon.test_1.1.1+bzr982-1_all.deb
 224e0580fd3fb52bf125e05ce0b3aac961e63ada 94404 python3-aptdaemon_1.1.1+bzr982-1_all.deb
Checksums-Sha256:
 1a0552cc11080d2dcabdee9e41cbed2eec0d26795e312ab6faa8afa12c1dbc4b 2842 aptdaemon_1.1.1+bzr982-1.dsc
 8729ce3163279359d2dfd674aa3a4d8af49ff6a99bfd0ef670ddb7ec50698eb6 1278635 aptdaemon_1.1.1+bzr982.orig.tar.gz
 8eea2031dad777da3024de40439e713379ea2dbaed09fdf38406c18f2f4cb3d5 25664 aptdaemon_1.1.1+bzr982-1.debian.tar.xz
 0cd82551de4db6053af932221a71a81606b32d6ec03fa5508b1fcb90be28f898 198122 aptdaemon-data_1.1.1+bzr982-1_all.deb
 1ae2aa32194a22896646bf337dd04f7521fef00c38688ecf48e316ac9ddb6206 309448 aptdaemon_1.1.1+bzr982-1_all.deb
 438cddc61aacdc61a36b1066ecd526f686d6a42c043f99d7eba9facb5748730b 33132 python-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 fc1dfdbff3d526a30d97f6df89f06b67892576702a4dcb6310933225d5022461 93800 python-aptdaemon_1.1.1+bzr982-1_all.deb
 48614b354730cd6dc738cfb9ac8e47eb4cbb9b5210389ba20cd8d002f770c6bc 33238 python3-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 4075381253b81bd6d03479f80bc91ef27906a797609476e99666ea49b315e124 104640 python3-aptdaemon.test_1.1.1+bzr982-1_all.deb
 35b17067fe65434225fd96030ca6c892b60603b78129630bf51bdd0f76b5d3fc 94404 python3-aptdaemon_1.1.1+bzr982-1_all.deb
Files:
 0971e3539e05184a9e9b76d97eecf880 2842 admin extra aptdaemon_1.1.1+bzr982-1.dsc
 68e1167d441f999b622fb43bec54cce0 1278635 admin extra aptdaemon_1.1.1+bzr982.orig.tar.gz
 270b64cb95aa30ccbd5c82b744bb8965 25664 admin extra aptdaemon_1.1.1+bzr982-1.debian.tar.xz
 0d154f0c39aa824120e891fa2948ed96 198122 admin extra aptdaemon-data_1.1.1+bzr982-1_all.deb
 0eb37b0845a70a5b2e5798c263962e37 309448 admin extra aptdaemon_1.1.1+bzr982-1_all.deb
 b3503c5836762f86108476120f6dd44f 33132 python extra python-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 32263a565ae8884d82810853425548b1 93800 python extra python-aptdaemon_1.1.1+bzr982-1_all.deb
 9d8a37a6661a7a19e60a4e2ab755ae2a 33238 python extra python3-aptdaemon.gtk3widgets_1.1.1+bzr982-1_all.deb
 6fbd1e1b4ffc74a5b220610da9075e74 104640 python extra python3-aptdaemon.test_1.1.1+bzr982-1_all.deb
 3409ddbbd7c4781f10c56c2d0bf4ba52 94404 python extra python3-aptdaemon_1.1.1+bzr982-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJVgvvJAAoJENc8OeVlgLOGuP8P/0vSjeclsMn5E9rxJsricIcA
rGGFkvYS2/rZfanrfl231VV7oX9BiczGSWyl2+Xj/J2cGUaoM33PYTVfIoj6yigc
CKR+s8khqlL+xxZB/zmi6+ldSr7tx4IzJG7v2aXWRdRiVBD1p2dpDSzjSwE7MiE+
RKxJVkavb/muWdBiatoY9w3PWnwJXTHx561ggn8BCZwIIFEVoyADeOeRTPl5JM/O
G2RRCQWWPQTUUtHpHIO3H0LDtvWA7ZjdFJeNuedcDnoqc1YSIwqNDR/fCsEiLipp
zGckf62jANyJG/ZnztWEzxwVeQalG1G3Ikvfr3WW6C7EsAt/cX7WSrrIpyJrkSdm
2BnWXVpo4VO7WedrVdCX+WQb2awWlbxZc1iz7bo7vNFyhWg67WkpjTfetVHftV+U
DVlk7stTJwIyamR3xgOa83RndGIiMTRxYm1nwXO8oupNhro7ie9hlMEKkcKehxq4
a+6TvM9yf/Hgqmnr6qXdCETCejoblQIF50Egs91hRyOuIFfYduj47InTJTXPfXGC
mvfnLqNG1q114ajJZdSJN/QgzSlMb2kWbti/spsroTTLBhvGkeHeTTFOFq52fSao
GHvd1DpLHFRmyuGB/6BVEYpOF4fLjNenPmx6gJkhqSYz/WjQRT1V0e44QN9H+ccy
IJDoAMz1N1zEcLW8GaIn
=LMKp
-----END PGP SIGNATURE-----

Message #19 received at 789162-close@bugs.debian.org (full text, mbox, reply):

From: Raphaël Hertzog <hertzog@debian.org>

To: 789162-close@bugs.debian.org

Subject: Bug#789162: fixed in aptdaemon 0.31+bzr413-1.1+deb6u1

Date: Tue, 30 Jun 2015 09:52:19 +0000

Source: aptdaemon
Source-Version: 0.31+bzr413-1.1+deb6u1

We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 789162@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Raphaël Hertzog <hertzog@debian.org> (supplier of updated aptdaemon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 30 Jun 2015 11:20:06 +0200
Source: aptdaemon
Binary: aptdaemon python-aptdaemon python-aptdaemon-gtk
Architecture: source all
Version: 0.31+bzr413-1.1+deb6u1
Distribution: squeeze-lts
Urgency: medium
Maintainer: Julian Andres Klode <jak@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description: 
 aptdaemon  - transaction based package management service
 python-aptdaemon - Python module for the server and client of aptdaemon
 python-aptdaemon-gtk - Python GTK+ widgets to run an aptdaemon client
Closes: 789162
Changes: 
 aptdaemon (0.31+bzr413-1.1+deb6u1) squeeze-lts; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS team.
   * Fix information leak via simulate dbus method (CVE-2015-1323).
     Closes: #789162
Checksums-Sha1: 
 d2b7068b47a894478189113bdc06ef8f8001f982 1699 aptdaemon_0.31+bzr413-1.1+deb6u1.dsc
 0963bd5ffb1ef535cf08bc08b6eda99e999b3b76 9555 aptdaemon_0.31+bzr413-1.1+deb6u1.debian.tar.gz
 d82d915c24a383116a3be7cfff884c67481b4ca7 167996 aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 5aacba4f02a773463ffe5c9c7c01ca16f8ec9e67 59014 python-aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 6525f009789469d139a6bcdf6b552e332dceb41b 196988 python-aptdaemon-gtk_0.31+bzr413-1.1+deb6u1_all.deb
Checksums-Sha256: 
 de1d91e820182d783dc0a341dc2468ad609a0219d3156f13a28b58dc78984372 1699 aptdaemon_0.31+bzr413-1.1+deb6u1.dsc
 47ce8ff19fb029468912c7c3c2d2a073c4e77ff5e28cf4792ae19fddd9d2db17 9555 aptdaemon_0.31+bzr413-1.1+deb6u1.debian.tar.gz
 8bb4ccdf06b0c3143ee0cfa8a45c159c932f22dbdc7a28a71f166bfdac99435f 167996 aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 76fd4895b8f2f4e85b86ebd2eb7e43b61a07fb181a056290bac9dfb6dc8892ad 59014 python-aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 a99bcd4cbc6652ea08b49bbdb79e6ae4551fd8d192717ae54fe3c628fbed48e4 196988 python-aptdaemon-gtk_0.31+bzr413-1.1+deb6u1_all.deb
Files: 
 2b4ea1c7ff3d234e8f7005f5f6ed9522 1699 admin extra aptdaemon_0.31+bzr413-1.1+deb6u1.dsc
 c548d62ebb5b4488da149b064ea3ddb6 9555 admin extra aptdaemon_0.31+bzr413-1.1+deb6u1.debian.tar.gz
 8b913579e3f16f3f944a314a1e362c6f 167996 admin extra aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 0eafb00f8b71270dd59ea77e3ca54045 59014 python extra python-aptdaemon_0.31+bzr413-1.1+deb6u1_all.deb
 ebd5e6086e15f183d4edd14f2131bb19 196988 python extra python-aptdaemon-gtk_0.31+bzr413-1.1+deb6u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Signed by Raphael Hertzog

iQEcBAEBCAAGBQJVkmSaAAoJEAOIHavrwpq5ymoH/RB7fD3319zc6PzQwLW4vnQy
ATjoi5VIJUY3knmUYjM0XcIeI+qKOKYjvvQEe189VWFVk55U5SrzkBBuKl9oYo2O
112OsVvhlcFIghF2Eyfb4ZUwUEueu7BL6NA5d980mycv7rx2HeSf8VMvJiM6h0QF
P5s1Ko83Sw6UHfzpYIenRkM/F0rDRGOOgGWYdW9ewXgz10QEHioEO6S/c2Bz2pF4
ssXMPyy7Fm2Ea6wJDxrcWEf0v2k0Wm2Cr21qP3vJamVh5FOuVwngQvw6X8q1cY9L
hWYdLOYyiQes5q3mxsEsmryUNYLrf7PleHoD8n2sV4upSSf3guKg1R4C8ftWE1w=
=Pwvi
-----END PGP SIGNATURE-----

Message #28 received at 789162@bugs.debian.org (full text, mbox, reply):

From: Guido Günther <agx@sigxcpu.org>

To: Salvatore Bonaccorso <carnil@debian.org>, 789162@bugs.debian.org

Cc: debian-lts@lists.debian.org

Subject: Re: Bug#789162: aptdaemon: CVE-2015-1323: information disclosure via simulate dbus method

Date: Mon, 29 Feb 2016 21:42:11 +0100

[Message part 1 (text/plain, inline)]

Hi,
On Thu, Jun 18, 2015 at 02:33:43PM +0200, Salvatore Bonaccorso wrote:
> Source: aptdaemon
> Version: 1.1.1-4
> Severity: grave
> Tags: security upstream
> 
> Hi,
> 
> the following vulnerability was published for aptdaemon, which AFICS
> as well affects Debian.
> 
> CVE-2015-1323[0]:
> information disclosure via simulate dbus method
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

Please find patches for wheezy-security and jessie-security attached.

The tracker has:

  "For jessie-security compat layer for PackageKit needs to be dropped"

The current version in sid also has "Drop PackageKit compat layer" which
seems to confirm that but there's no explanation why needs to go.

I'm happy about any review or a thumgs up to upload to security-master.

Cheers,
 -- Guido

[aptdaemon_0.45-2+deb7u1.diff (text/x-diff, attachment)]

[aptdaemon_1.1.1-4+deb8u1.diff (text/x-diff, attachment)]

Message #33 received at 789162-close@bugs.debian.org (full text, mbox, reply):

From: Guido Günther <agx@sigxcpu.org>

To: 789162-close@bugs.debian.org

Subject: Bug#789162: fixed in aptdaemon 1.1.1-4+deb8u1

Date: Sun, 13 Mar 2016 19:47:10 +0000

Source: aptdaemon
Source-Version: 1.1.1-4+deb8u1

We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 789162@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <agx@sigxcpu.org> (supplier of updated aptdaemon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 29 Feb 2016 21:13:01 +0100
Source: aptdaemon
Binary: aptdaemon python3-aptdaemon python-aptdaemon python3-aptdaemon.test aptdaemon-data python-aptdaemon-gtk python3-aptdaemon.pkcompat python-aptdaemon.gtkwidgets python3-aptdaemon.gtk3widgets python-aptdaemon.gtk3widgets
Architecture: all source
Version: 1.1.1-4+deb8u1
Distribution: stable-proposed-updates
Urgency: medium
Maintainer: Julian Andres Klode <jak@debian.org>
Changed-By: Guido Günther <agx@sigxcpu.org>
Closes: 789162
Description: 
 aptdaemon-data - data files for clients
 aptdaemon  - transaction based package management service
 python3-aptdaemon.gtk3widgets - Python 3 GTK+ 3 widgets to run an aptdaemon client
 python3-aptdaemon.pkcompat - PackageKit compatibilty for AptDaemon
 python3-aptdaemon - Python 3 modules for the server and client of aptdaemon
 python3-aptdaemon.test - Test environment for aptdaemon clients
 python-aptdaemon.gtk3widgets - Python 2 GTK+ 3 widgets to run an aptdaemon client
 python-aptdaemon-gtk - Transitional dummy package
 python-aptdaemon.gtkwidgets - Python GTK+ 2 widgets to run an aptdaemon client
 python-aptdaemon - Python 2 modules for the server and client of aptdaemon
Changes:
 aptdaemon (1.1.1-4+deb8u1) stable-proposed-updates; urgency=medium
 .
   * Non maintainer upload
   * Add CVE-2015-1323.patch to address CVE-2015-1323 - taken from
     1.1.1-1ubuntu5.2 (Closes: #789162)
Checksums-Sha1: 
 814a3bc18969c5b67caeb0a4ded4a8a56fc12928 3077 aptdaemon_1.1.1-4+deb8u1.dsc
 978126e9b3fb799b89fca37d1b6fc8a605ff6e7a 27512 aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
 f379d43522587a5a31e87a0ef67b8a5a557b2c56 362346 aptdaemon_1.1.1-4+deb8u1_all.deb
 106375d8e0d1080f195bcb3d40919bf61887830a 137440 python3-aptdaemon_1.1.1-4+deb8u1_all.deb
 e087a5ed3a9f6a7f4b36d51cc1675c41a0342343 136818 python-aptdaemon_1.1.1-4+deb8u1_all.deb
 53e89791b51721a3f418d9a3a3147a05a49f0a7e 157500 python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
 eb74132fd0fbabdb7c607cc29a9e7ea81ed15966 251038 aptdaemon-data_1.1.1-4+deb8u1_all.deb
 b2169cf39aed1e53ae0967f1140e3e225578ea79 73930 python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
 5321609c45479228dbecf6ae390077980bec3cbf 104652 python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
 02a0036c4f634509900376b51bba9a5e7aac058d 84814 python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
 0cad2a2130307e27ee5d0556ae225e69a154d279 86022 python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
 904944a87d1c8019a229ce7ee511e5b73a75f89f 85922 python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
Checksums-Sha256: 
 fca8eb3c0624b21fe58fe7df07a927c752c97374d59833c2e30f0276a9adae5b 3077 aptdaemon_1.1.1-4+deb8u1.dsc
 e33d835974c01abc642ba158502956a7a13be8e97d05ecab29a4202d25f16b9b 27512 aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
 7810f1963c7c7f32607eb3b30516ecaafd3f23b483d2cf065767b0bce7b58031 362346 aptdaemon_1.1.1-4+deb8u1_all.deb
 302dcefb6d283e6d542c0226a0e84300c902ce98bb1c8c4b0c24c172965b263c 137440 python3-aptdaemon_1.1.1-4+deb8u1_all.deb
 beb69c4beb0ac5981034e0e567a24a9a92727873b7f94ddce1d52aea17c07ac3 136818 python-aptdaemon_1.1.1-4+deb8u1_all.deb
 a17e54cec79a4f8cf1eb14c081f2103ce1be2134ffbaab102a12aa043950bad7 157500 python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
 837b380ed2441a93d90c99284f4cce56f03033bf098196d22e7c20e0aa7506a3 251038 aptdaemon-data_1.1.1-4+deb8u1_all.deb
 12cd8ce36631bc850fd6614d422df01e7723e54028620574236c4a54780a823e 73930 python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
 2dce153fc673b84a27069d2e79e900f0757863dd713cfbe7e80041017c951270 104652 python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
 213153e5a18b4819cd79a09e3c4f00a3633bd047adb202ef9609b5ee3edba8cd 84814 python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
 4d530ee9a89262cb1df17c739ecf5673bb15c9b516dc2e838a2269ab45c41cfa 86022 python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
 ee6ead37237edf469e2c5958968d2cdbfb99a93c0524e40a994e232d3f06ffdc 85922 python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
Files: 
 357b29aff75094ddd1925cad518b3142 3077 admin extra aptdaemon_1.1.1-4+deb8u1.dsc
 bfc65617566e81617931d8a4801295d9 27512 admin extra aptdaemon_1.1.1-4+deb8u1.debian.tar.xz
 1cc0aa95753ec8b6cbcea44bc649dfb1 362346 admin extra aptdaemon_1.1.1-4+deb8u1_all.deb
 6314eb97a777520f38dec046a5f3c89a 137440 python extra python3-aptdaemon_1.1.1-4+deb8u1_all.deb
 9ea455210bc6176d78650a88f30b919b 136818 python extra python-aptdaemon_1.1.1-4+deb8u1_all.deb
 a316698168450ab6602c6799cd5fbe49 157500 python extra python3-aptdaemon.test_1.1.1-4+deb8u1_all.deb
 b6d3b84f742ded9565ad36c42beb97e1 251038 admin extra aptdaemon-data_1.1.1-4+deb8u1_all.deb
 032492014fb2dd7a79c5b885ec4348e3 73930 python extra python-aptdaemon-gtk_1.1.1-4+deb8u1_all.deb
 6fc27a1dcea88396539c9f136ba2fb53 104652 python extra python3-aptdaemon.pkcompat_1.1.1-4+deb8u1_all.deb
 380d5f5d1cd70701a567402b22e05d42 84814 python extra python-aptdaemon.gtkwidgets_1.1.1-4+deb8u1_all.deb
 69700e76f021ea700be0236ac8bd8966 86022 python extra python3-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb
 1b12b95ffc365b2b70060d2dd3930492 85922 python extra python-aptdaemon.gtk3widgets_1.1.1-4+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJW5FT/AAoJEAe4t7DqmBIL7tQQAJiOn7Z6upInDLT5azMjE0pZ
RpmzuVp3patMsDNeHQjtnVo2//sxcOOXiSPORDRB7cWuSt/ka1KplSzvp27A+BMH
RveWBy42bzHrv7vfGr9nHTKY1invT+pF0QkPVj/WF5wUoP5qIBkteDBkC2UAmshu
eRLaBqkdBqwSBvVpcr7RhnTJHEr1WVySJnKZS5sMUJZ8gv/l8YMu9fOfOOAZuT0o
gahKNQ/d/Vg7tep5YWIzGS0GjgcL6XqCj3sl4NRZ7XEt4Y2PjYhYZ665jqnUO8Wd
vvhmU90Q+0lXpA2yrENELEiJDYQ1065HssYsiUgovB22LcEbhdlaA9zTB19spklj
r8Qzx7dGZvLwg/QKWYr6VOrD9Sv8PriehpEadHG8ttYCzBqxyh6MnRgOWefAMxPl
eiHcotzsbVYQXRhSIPbCGROoeMVjUqWDkie9TAcDtmqe15bKJGpVEY8ww+OtBuCF
jOqFwYy5QoCRuwWGeA+guhZyPRjJdxdQxUbZYrg+ejbEC77fmZO5M7dUOQukgzso
ZnMmjj0homIXgFom5Ge5Temnzu/Oz/CLmEpuNkspDvMs2UixIT6D9BiLl73/26QN
UIJf6ZM2JB4fqFSJM3/R1/u6cJREJFuyTntqZUkr4cZL7ZkM5scpRe6qF34QPgPn
K9OBaF8Fd7b4Iju7cZlt
=veKw
-----END PGP SIGNATURE-----

Message #38 received at 789162-close@bugs.debian.org (full text, mbox, reply):

From: Guido Günther <agx@sigxcpu.org>

To: 789162-close@bugs.debian.org

Subject: Bug#789162: fixed in aptdaemon 0.45-2+deb7u1

Date: Sun, 13 Mar 2016 21:35:33 +0000

Source: aptdaemon
Source-Version: 0.45-2+deb7u1

We believe that the bug you reported is fixed in the latest version of
aptdaemon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 789162@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <agx@sigxcpu.org> (supplier of updated aptdaemon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 29 Feb 2016 08:33:47 +0100
Source: aptdaemon
Binary: aptdaemon python-aptdaemon python-aptdaemon.test aptdaemon-data python-aptdaemon-gtk python-aptdaemon.pkcompat python-aptdaemon.gtkwidgets python-aptdaemon.gtk3widgets
Architecture: source all
Version: 0.45-2+deb7u1
Distribution: oldstable-proposed-updates
Urgency: medium
Maintainer: Julian Andres Klode <jak@debian.org>
Changed-By: Guido Günther <agx@sigxcpu.org>
Description: 
 aptdaemon  - transaction based package management service
 aptdaemon-data - data files for clients
 python-aptdaemon - Python module for the server and client of aptdaemon
 python-aptdaemon-gtk - Transitional dummy package
 python-aptdaemon.gtk3widgets - Python GTK+ 3 widgets to run an aptdaemon client
 python-aptdaemon.gtkwidgets - Python GTK+ 2 widgets to run an aptdaemon client
 python-aptdaemon.pkcompat - PackageKit compatibilty for AptDaemon
 python-aptdaemon.test - Test environment for aptdaemon clients
Closes: 789162
Changes: 
 aptdaemon (0.45-2+deb7u1) oldstable-proposed-updates; urgency=medium
 .
   * Non maintainer upload
   * Add CVE-2015-1323.patch to address CVE-2015-1323 - taken from
     0.43+bzr805-0ubuntu10 (Closes: #789162)
Checksums-Sha1: 
 7055fbddda2b7f804eb561b5ab3422dea00379d3 2545 aptdaemon_0.45-2+deb7u1.dsc
 8e6ebcd396b4ffbe2901ca68b4625594ebb8a8c7 18952 aptdaemon_0.45-2+deb7u1.debian.tar.xz
 b69772e774c49c00f1ea2a3349aa77a4faefa060 277740 aptdaemon_0.45-2+deb7u1_all.deb
 a6e285621112b7ad9362876d166f95454308ef38 92584 python-aptdaemon_0.45-2+deb7u1_all.deb
 1f1e0752373d480e52b39773e11a2c6f79b1f915 91818 python-aptdaemon.test_0.45-2+deb7u1_all.deb
 4d06fbda00c53d6454ba2e2e1eb976920614d3e0 191212 aptdaemon-data_0.45-2+deb7u1_all.deb
 5b5f12c72343bfa3f1d9fe7840999e365c5037d2 13500 python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 3ca6efd93a0149f6421b1e588b3550993ed10e9a 41856 python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 806bde63b02a844679943d2477b63c7c5e0bae6d 26504 python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 f2ecf5eabdf21331bd7aa323d2e23cac3250f0a5 27450 python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb
Checksums-Sha256: 
 9b0040a7c76489a01775ed72173bf2c6a695f454a2a5c6bb45b6563f4159907c 2545 aptdaemon_0.45-2+deb7u1.dsc
 8b036b8297ee5964bb521522a543e33a9195e2751359a5965204395b5e21352c 18952 aptdaemon_0.45-2+deb7u1.debian.tar.xz
 ba219a6c636fcd043a796f45a9e8799787a9b5612cc5536b30e8ed10d207eae2 277740 aptdaemon_0.45-2+deb7u1_all.deb
 5f2c48a4c2aca3cec7f06159ed939295d27163cedaa21c33f9c73efd70cc7c15 92584 python-aptdaemon_0.45-2+deb7u1_all.deb
 addba1924a95d4cfaf2a8d853fe8a820430f7dd489ad37c205c6083e3b4534c9 91818 python-aptdaemon.test_0.45-2+deb7u1_all.deb
 b9e8801f8d9a3e64984f32122a0d586a5b3f8a0bd6751bb0cfb65cda29c3525e 191212 aptdaemon-data_0.45-2+deb7u1_all.deb
 4e734130c1ebdfbfa964e7f0b43afd554fb0f12aa8e6d78f77b435cd4e1cfd89 13500 python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 3bc1c853f344b392eed9cde221163b88428f040fca752e216f0266dd229afb49 41856 python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 41005c7165d174282e2b2f61a4cb029f152cdca28f903cc91e4315ed48b49e55 26504 python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 8a7a33fec1bcd13955334cad8161edb011b82c790002d08bf3132d6ddb0db943 27450 python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb
Files: 
 82816f03fc1136ff993febeeb0a36dd6 2545 admin extra aptdaemon_0.45-2+deb7u1.dsc
 5f869694011f075e7130cad3d40aa1dc 18952 admin extra aptdaemon_0.45-2+deb7u1.debian.tar.xz
 26512dea61cf0c0a98333bad34560f01 277740 admin extra aptdaemon_0.45-2+deb7u1_all.deb
 eb42df898231234be3178c0f3a492c42 92584 python extra python-aptdaemon_0.45-2+deb7u1_all.deb
 9510b25055647146625b73ab8f57947a 91818 python extra python-aptdaemon.test_0.45-2+deb7u1_all.deb
 1133010daf87c0aa14c91091c9f093b0 191212 admin extra aptdaemon-data_0.45-2+deb7u1_all.deb
 613ba2f09881eb2c5a33a2f1fe9bfeeb 13500 python extra python-aptdaemon-gtk_0.45-2+deb7u1_all.deb
 9780ff506828d8166c3f93ce4529c335 41856 python extra python-aptdaemon.pkcompat_0.45-2+deb7u1_all.deb
 52b793a99a2abea3b7a516d68b97e60e 26504 python extra python-aptdaemon.gtkwidgets_0.45-2+deb7u1_all.deb
 636e460cb3678b2ef224c384ce03f01d 27450 python extra python-aptdaemon.gtk3widgets_0.45-2+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJW5FJaAAoJEAe4t7DqmBILMJMP/jGVvp34Rf9jMSHTncOG/t6S
SPM57USaE7ecrCcWEaSgRPm04yZm/w/XX0I5WzfoSuKSLK2Tr3Pqwq3tp4fr7N4O
IeVeOEPI7y2xfBeA3xV3+f6M2PptSn24lr2Bm2GJ2dME9zHjQm7HG+ff7wcv+C0H
+0ujT/3A0+SvFz7urbR8sq5Nx53mh5Gp6+my9q9qimWkQZK6YvULZkJarDL2wC9/
vl5TBTVNlxnf/UaiqeTMdXfKgn+Ip+1ZAN9pCcltdx6SVR8jir3CUQA1yeQK0pCy
V/uBgNU4+rPa+7zUk16b/l1cVXflhgpC42yw3gR/uSyoXpMAWmkiOCRPLpcHOWzx
DDGoa8X9EwfWmQ9uyDbhKbA+zVsyjVnAO67hLG47ULT92FGupHzhL0LRNW4GTLga
c5yq4YKOcC2i0rqNNHY9Mrtm2Eb8Agom1YnY95CPaCuAMLY4a1VyNkp+QpgxIjl4
BaE6cfsFeSzDwpAtDU2dShd+R7FKBDGcseb/Nra1dfgGtTMyrKQvVfHUpD800Kmj
1rTd4qtP+FSa9fXHdqxqcI4+iVW1rSCvwJtgNMYCHNWk9GEVmPwPKC4cvhxvlh8E
6ovv3gwPKUFBm3emTj4J+7ki55+GgzHSl01ALix4QiWR12RUnltCNb6U7mX5KUhW
aG78iYcsZoNOkNdMX2Y4
=hLDv
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.