It was discovered that Aptdaemon incorrectly validated PPA GPG keys when
importing from a keyserver. If a remote attacker were able to perform a
machine-in-the-middle attack, this flaw could be exploited to install altered
package repository GPG keys.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | aptdaemon | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | aptdaemon-data | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon-gtk | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon.gtk3widgets | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon.gtkwidgets | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon.pkcompat | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-aptdaemon.test | < 0.43+bzr805-0ubuntu7 | UNKNOWN |
Ubuntu | 11.10 | noarch | aptdaemon | < 0.43+bzr697-0ubuntu1.3 | UNKNOWN |
Ubuntu | 11.10 | noarch | aptdaemon-data | < 0.43+bzr697-0ubuntu1.3 | UNKNOWN |