Lucene search
UbuntuUSN-1475-1HistoryJun 15, 2012 - 12:00 a.m.
APT update
2012-06-1500:00:00
ubuntu.com
31
7.2 High
AI Score
Confidence
Low
Releases
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- apt - Advanced front-end for dpkg
Details
Georgi Guninski discovered that APT relied on GnuPG argument order and did
not check GPG subkeys when validating imported keyrings via apt-key
net-update. While it appears that a machine-in-the-middle attacker cannot
exploit this, as a hardening measure this update adjusts apt-key to
validate all subkeys when checking for key collisions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | apt | < 0.7.9ubuntu17.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | apt-transport-https | < 0.7.9ubuntu17.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | apt-utils | < 0.7.9ubuntu17.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libapt-pkg-dev | < 0.7.9ubuntu17.5 | UNKNOWN |
| Ubuntu | 12.04 | noarch | apt | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | apt-transport-https | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | apt-utils | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libapt-inst1.4 | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libapt-pkg-dev | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libapt-pkg4.12 | < 0.8.16~exp12ubuntu10.1 | UNKNOWN |
References
7.2 High
AI Score
Confidence
Low