Release | Version |
---|---|
stretch | 1.1.5-2+deb9u1 |
stretch (security) | 1.1.5-2+deb9u2 |
buster | 1.1.12-5 |
bullseye | 1.2.2-2 |
bookworm | 1.2.5-3 |
sid | 1.2.5-3 |
Bug | stretch | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|---|
CVE-2022-0987 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | PackageKit: Information Disclosure in Transaction Interface via timing |
CVE-2020-16122 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | PackageKit's apt backend mistakenly treated all local debs as trusted. ... |
CVE-2020-16121 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | PackageKit provided detailed error messages to unprivileged callers th ... |
Bug | Description |
---|---|
TEMP-0678189-8A5546 | packagekit insecure temp file |
CVE-2018-1106 | An authentication bypass flaw has been found in PackageKit before 1.1. ... |
CVE-2013-1764 | The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ... |
CVE-2011-2515 | PackageKit 0.6.17 allows installation of unsigned RPM packages as thou ... |
DSA / DLA | Description |
---|---|
DLA-2399-1 | packagekit - security update |
DSA-4207-1 | packagekit - security update |