Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE Request -- apt
From: Jamie Strandboge <jamie () canonical com>
Date: Thu, 22 Sep 2011 10:13:47 -0500

On Thu, 2011-09-22 at 10:11 -0500, Jamie Strandboge wrote:
apt-key in Ubuntu is not verifying the key correctly when it is fetched
via 'apt-key net-update'. This was reported here:


and tracked here:

Based on the man page, Debian should not be affected. Derivatives of
Ubuntu probably are.

Forgot to CC security () ubuntu com

Jamie Strandboge             | http://www.canonical.com

Attachment: signature.asc
Description: This is a digitally signed message part

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]