USN-1283-1 -- APT vulnerabilityID: oval:org.secpod.oval:def:700660 | Date: (C)2012-01-30 (M)2023-02-20 |
Class: PATCH | Family: unix |
apt: Advanced front-end for dpkg Details: It was discovered that APT incorrectly handled the Verify-Host configuration option. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to steal repository credentials. This issue only affected Ubuntu 10.04 LTS and 10.10. USN-1215-1 fixed a vulnerability in APT by disabling the apt-key net-update option. This update re-enables the option with corrected verification. Original advisory APT could be made to expose sensitive information over the network.
Platform: |
Ubuntu 11.04 |
Ubuntu 8.04 |
Ubuntu 10.04 |
Ubuntu 10.10 |