Max Justicz discovered that APT incorrectly handled certain parameters
during redirects. If a remote attacker were able to perform a
machine-in-the-middle attack, this flaw could potentially be used to install
altered packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 18.10 | noarch | apt | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | apt-dbgsym | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | apt-doc | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | apt-transport-https | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | apt-utils | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | apt-utils-dbgsym | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | libapt-inst2.0 | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | libapt-inst2.0-dbgsym | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | libapt-pkg-dev | < 1.7.0ubuntu0.1 | UNKNOWN |
Ubuntu | 18.10 | noarch | libapt-pkg-doc | < 1.7.0ubuntu0.1 | UNKNOWN |