[Bug 856489] Re: Improper verification of updated key via apt-key net-update
Micah Gersten
launchpad at micahscomputing.com
Wed Sep 28 21:13:49 UTC 2011
** This bug is no longer private so the bug supervisor was unsubscribed.
They will no longer be notified of changes to this bug for privacy
related reasons, but may receive notifications about this bug from other
subscriptions.
** Visibility changed to: Public
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/856489
Title:
Improper verification of updated key via apt-key net-update
Status in “apt” package in Ubuntu:
Fix Released
Status in “apt” source package in Lucid:
Fix Released
Status in “apt” source package in Maverick:
Fix Released
Status in “apt” source package in Natty:
Fix Released
Status in “apt” source package in Oneiric:
Fix Released
Status in “apt” source package in Hardy:
Fix Released
Bug description:
As reported on full-disclosure:
http://seclists.org/fulldisclosure/2011/Sep/221
CVE request here:
http://www.openwall.com/lists/oss-security/2011/09/22/5
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/856489/+subscriptions
More information about the foundations-bugs
mailing list