| Release | Version |
|---|---|
| buster | 1.1.12-5 |
| bullseye | 1.2.2-2 |
| bookworm | 1.2.6-3 |
| sid | 1.2.6-3 |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2020-16122 | vulnerable (no DSA) | fixed | fixed | fixed | PackageKit's apt backend mistakenly treated all local debs as trusted. ... |
| CVE-2020-16121 | vulnerable (no DSA) | fixed | fixed | fixed | PackageKit provided detailed error messages to unprivileged callers th ... |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2022-0987 | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in PackageKit in the way some of the methods exposed ... |
| Bug | Description |
|---|---|
| TEMP-0678189-8A5546 | packagekit insecure temp file |
| CVE-2018-1106 | An authentication bypass flaw has been found in PackageKit before 1.1. ... |
| CVE-2013-1764 | The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ... |
| CVE-2011-2515 | PackageKit 0.6.17 allows installation of unsigned RPM packages as thou ... |
| DSA / DLA | Description |
|---|---|
| DLA-2399-1 | packagekit - security update |
| DSA-4207-1 | packagekit - security update |