User: Password:
Subscribe / Log in / New account

apt: man-in-the-middle attack

Package(s):apt CVE #(s):CVE-2012-0214
Created:March 6, 2012 Updated:March 7, 2012
Description: From the Ubuntu advisory:

Simon Ruderich discovered that APT incorrectly handled repositories that use InRelease files. The default Ubuntu repositories do not use InRelease files, so this issue only affected third-party repositories. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

Ubuntu USN-1385-1 apt 2012-03-06

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds