Ubuntu
python-apt package

python-apt-common 2.1.3ubuntu1.1 Ubuntu.info doesn't have 'groovy'

Bug #1907496 reported by Ian Douglas Scott on 2020-12-09

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	python-apt (Ubuntu)	Invalid	Undecided	Unassigned
	Groovy	Fix Released	Critical	Steve Langasek

Bug Description

http://archive.ubuntu.com/ubuntu/pool/main/p/python-apt/python-apt-common_2.1.3ubuntu1.1_all.deb lacks `Suite: groovy` in `Ubuntu.info`, which is present in http://archive.ubuntu.com/ubuntu/pool/main/p/python-apt/python-apt-common_2.1.3ubuntu1_all.deb.

I assume this is unintentional?

CVE References

2020-27351

Julian Andres Klode (juliank) on 2020-12-09

Changed in python-apt (Ubuntu Groovy):
status:	New → Triaged
importance:	Undecided → Critical
Changed in python-apt (Ubuntu):
status:	New → Invalid

Revision history for this message

Steve Langasek (vorlon) wrote on 2020-12-09:

this package has been rolled back from groovy-security and groovy-updates, pending a fixed package

Steve Langasek (vorlon) on 2020-12-09

Changed in python-apt (Ubuntu Groovy):
status:	Triaged → In Progress
assignee:	nobody → Steve Langasek (vorlon)

Revision history for this message

bsr (bsr-software) wrote on 2020-12-10:

Sorry for annoying you, was a missclick by me.

Changed in python-apt (Ubuntu Groovy):
status:	In Progress → Confirmed
status:	Confirmed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-12-10:

This bug was fixed in the package python-apt - 2.1.3ubuntu1.2

---------------
python-apt (2.1.3ubuntu1.2) groovy-security; urgency=medium

* Fix regression in data/templates/Ubuntu.info.in versus the release
pocket. LP: #1907496.

python-apt (2.1.3ubuntu1.1) groovy-security; urgency=high

  * SECURITY UPDATE: various memory and file descriptor leaks (LP: #1899193)
    - python/arfile.cc, python/generic.h, python/tag.cc, python/tarfile.cc:
      fix file descriptor and memory leaks
    - python/apt_instmodule.cc, python/apt_instmodule.h, python/arfile.h:
      Avoid reference cycle with control,data members in apt_inst.DebFile
      objects
    - tests/test_cve_2020_27351.py: Test cases for DebFile (others not easily
      testable)
    - CVE-2020-27351
  * .gitlab-ci.yml: Fix mypy and Ubuntu version for CI
  * data/templates: Update mirror lists

-- Steve Langasek <email address hidden> Wed, 09 Dec 2020 13:33:26 -0800

Changed in python-apt (Ubuntu Groovy):
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntupython-apt package

python-apt-common 2.1.3ubuntu1.1 Ubuntu.info doesn't have 'groovy'

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
python-apt package