logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2012-5356

Description

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. #### Bugs * <https://launchpad.net/bugs/1016643>


Affected Package


OS OS Version Package Name Package Version
ubuntu Upstream software-properties any

Related