unattended-upgrades: authentication bypass
| Package(s): | unattended-upgrades |
CVE #(s): | CVE-2015-1330
|
| Created: | June 30, 2015 |
Updated: | July 2, 2015 |
| Description: |
From the Debian advisory:
It was discovered that unattended-upgrades, a script for automatic
installation of security upgrades, did not properly authenticate
downloaded packages when the force-confold or force-confnew dpkg options
were enabled via the DPkg::Options::* apt configuration. |
| Alerts: |
| Debian-LTS |
DLA-265-1 |
unattended-upgrades |
2015-07-02 |
| Ubuntu |
USN-2657-1 |
unattended-upgrades |
2015-06-29 |
| Debian |
DSA-3297-1 |
unattended-upgrades |
2015-06-29 |
|
