[Bug 1329274] Re: apt-get source fails to warn on unauthenticated packages
TheoB
theo at tbagchus.wanadoo.co.uk
Wed Jun 18 08:38:09 UTC 2014
I don't know why I land up here. The PC tells me there are updates and then it refuses to install the updates. I'm told to check my
connection but my connection is solid !!!
Thank you
Theo
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1329274
Title:
apt-get source fails to warn on unauthenticated packages
Status in APT:
Fix Released
Status in “apt” package in Ubuntu:
In Progress
Status in “apt” source package in Lucid:
Fix Released
Status in “apt” source package in Precise:
Fix Released
Status in “apt” source package in Saucy:
Fix Released
Status in “apt” source package in Trusty:
Fix Released
Status in “apt” source package in Utopic:
In Progress
Bug description:
apt-get source foo will not warn if the repository that foo belongs to
has no signature attached.
It should fails in this case - this is CVE-2014-0478
To manage notifications about this bug go to:
https://bugs.launchpad.net/apt/+bug/1329274/+subscriptions
More information about the foundations-bugs
mailing list