CVE-2020-16128

Published: 08 December 2020

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.

Priority

CVSS 3 base score: 3.8

Status

Package	Release	Status
aptdaemon Launchpad, Ubuntu, Debian	Upstream	Needs triage


	Ubuntu 20.10 (Groovy Gorilla)	Released (1.1.1+bzr982-0ubuntu34.1)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (1.1.1+bzr982-0ubuntu32.3)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (1.1.1+bzr982-0ubuntu19.5)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (1.1.1+bzr982-0ubuntu14.5)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

References

Bugs

https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1899513

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM