The vulnerabilities of the functions Version.fetch_binary() and Version.fetch_source() in the python-apt package installation module allow a attacker to compromise data integrity.

The vulnerability of the Version.fetchbinary and Version.fetchsource functions in the python-apt package installation module is related to an error in downloading files from repositories that do not have a signature. Exploiting this vulnerability could allow a remote attacker to compromise data...

The vulnerabilities of the functions Version.fetch_binary() and Version.fetch_source() in the python-apt package installation module allow a attacker to compromise data integrity.

The vulnerability of the Version.fetchbinary and Version.fetchsource functions in the python-apt package installation module is related to the improper verification of the MD5 hash sum only for the uploaded files. Exploiting this vulnerability could allow a remote attacker to compromise data...

DEBIAN-CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...