Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request -- apt
From: Josh Bressers <bressers () redhat com>
Date: Fri, 23 Sep 2011 11:34:32 -0400 (EDT)

Please use CVE-2011-3374.

Thanks.

-- 
    JB


----- Original Message -----
apt-key in Ubuntu is not verifying the key correctly when it is
fetched
via 'apt-key net-update'. This was reported here:

http://seclists.org/fulldisclosure/2011/Sep/221

and tracked here:
https://launchpad.net/bugs/856489

Based on the man page, Debian should not be affected. Derivatives of
Ubuntu probably are.

--
Jamie Strandboge             | http://www.canonical.com



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]