[USN-1694-1] RPM vulnerability
marc.deslauriers at canonical.com
Thu Jan 17 16:14:45 UTC 2013
Ubuntu Security Notice USN-1694-1
January 17, 2013
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
RPM could incorrectly validate package signatures.
- rpm: package manager for RPM
It was discovered that RPM incorrectly handled signature checking. An
attacker could create a specially-crafted rpm with an invalid signature
which could pass the signature validation check.
The problem can be corrected by updating your system to the following
In general, a standard system update will make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 899 bytes
Desc: OpenPGP digital signature
More information about the ubuntu-security-announce