[Bug 947108] Re: InRelease security issue
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Mar 6 16:21:04 UTC 2012
** Changed in: apt (Ubuntu Precise)
Assignee: (unassigned) => Michael Vogt (mvo)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/947108
Title:
InRelease security issue
Status in “apt” package in Ubuntu:
Confirmed
Status in “apt” source package in Natty:
Fix Released
Status in “apt” source package in Oneiric:
Fix Released
Status in “apt” source package in Precise:
Confirmed
Bug description:
There is a security issue in the InRelease code that allows a MITM attack. I prepare a debdiff for natty+ with the fix.
Ubuntu is not directly affected as we do not use the InRelease file but any of our users who does in a repository can
be attacked.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/947108/+subscriptions
More information about the foundations-bugs
mailing list