| Release | Version |
|---|---|
| jessie | 1.0.1-2+deb8u1 |
| stretch | 1.1.5-2+deb9u2 |
| buster | 1.1.12-5 |
| bullseye | 1.2.2-2 |
| bookworm | 1.2.6-5 |
| trixie | 1.3.0-2 |
| sid | 1.3.0-2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-0217 | vulnerable | unknown | unknown | unknown | unknown | unknown | unknown | A use-after-free flaw was found in PackageKitd. In some conditions, th ... |
| CVE-2020-16122 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | PackageKit's apt backend mistakenly treated all local debs as trusted. ... |
| CVE-2020-16121 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | PackageKit provided detailed error messages to unprivileged callers th ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0987 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in PackageKit in the way some of the methods exposed ... |
| Bug | Description |
|---|---|
| TEMP-0678189-8A5546 | packagekit insecure temp file |
| CVE-2018-1106 | An authentication bypass flaw has been found in PackageKit before 1.1. ... |
| CVE-2013-1764 | The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ... |
| CVE-2011-2515 | PackageKit 0.6.17 allows installation of unsigned RPM packages as thou ... |
| DSA / DLA | Description |
|---|---|
| ELA-297-1 | packagekit - security update |
| DLA-2399-1 | packagekit - security update |
| DSA-4207-1 | packagekit - security update |