85 matches found
CVE-2012-3587
CVE-2012-3587 affects Apt 0.7.x before 0.7.25 and 0.8.x before 0.8.16. The flaw occurs when using apt-key net-update to import keyrings: it relies on GnuPG argument order and does not check GPG subkeys, which could allow remote attackers to install Trojan horse packages via a man-in-the-middle at...
USN-1475-1: APT update
Georgi Guninski discovered that APT relied on GnuPG argument order and did not check GPG subkeys when validating imported keyrings via apt-key net-update. While it appears that a machine-in-the-middle attacker cannot exploit this, as a hardening measure this update adjusts apt-key to validate all...
Ubuntu Update for apt USN-1475-1
Ubuntu Update for Linux kernel vulnerabilities USN-1475-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14751.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apt USN-1475-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1475-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
krb5 security and bug fix update
1.6.1-70.el5 - add upstream patch for telnetd buffer overflow CVE-2011-4862, 770351 1.6.1-69.el5 - ftp: fix a static analysis should-never-happen NULL dereference 750823 1.6.1-68.el5 - backport fixes to teach libkrb5 to use descriptors higher than FDSETSIZE to talk to a KDC by using poll if it's...