68 matches found
Design/Logic Flaw
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955 software-properties incorrectly validated TLS certificates
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fix...
CVE-2012-0955
CVE-2012-0955 affects the Ubuntu software-properties component, where TLS certificate validation was incorrect in softwareproperties/ppa.py. It did not consistently validate TLS certificates under Python 2 and only validated under Python 3 if a valid bundle was provided. This led to potential MIT...
Launchpad Software-properties Trust Management Issue Vulnerability
Launchpad Software-properties is a software from the Launchpad organization for managing installed software images on Linux systems. A security vulnerability exists in software-properties versions prior to 0.92, which stems from incorrect TLS certificate validation in softwareproperties ppa.py,...
Debian DLA-2339-1 : software-properties security update
Jason A. Donenfeld found an ansi escape sequence injection into software-properties, a manager for apt repository sources. An attacker could manipulate the screen of a user prompted to install an additional repository PPA. For Debian 9 stretch, this problem has been fixed in version...
Debian: Security Advisory (DLA-2339-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2339-1] software-properties security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2339-1 [email protected] https://www.debian.org/lts/security/ August 22, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
DLA-2339-1 software-properties - security update
Bulletin has no description...
USN-4457-2 software-properties vulnerability
USN-4457-1 fixed a vulnerability in Software. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricke...
USN-4457-2: Software Properties vulnerability
USN-4457-1 fixed a vulnerability in Software. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricke...
Ubuntu: Security Advisory (USN-4457-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Software Properties vulnerability (USN-4457-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4457-1 advisory. Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If ...
USN-4457-1 software-properties vulnerability
Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen...
USN-4457-1: Software Properties vulnerability
Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen...
CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...
DEBIAN-CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...
CVE-2011-4407
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...
Code injection
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle MITM attackers to spoof GPG keys for a package repository...