First published: Tue Jun 19 2012(Updated: )
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587.
Credit: security@ubuntu.com
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Advanced Package Tool | =0.7.0 | |
Debian Advanced Package Tool | =0.7.1 | |
Debian Advanced Package Tool | =0.7.2 | |
Debian Advanced Package Tool | =0.7.2-0.1 | |
Debian Advanced Package Tool | =0.7.10 | |
Debian Advanced Package Tool | =0.7.11 | |
Debian Advanced Package Tool | =0.7.12 | |
Debian Advanced Package Tool | =0.7.13 | |
Debian Advanced Package Tool | =0.7.14 | |
Debian Advanced Package Tool | =0.7.15 | |
Debian Advanced Package Tool | =0.7.15-exp1 | |
Debian Advanced Package Tool | =0.7.15-exp2 | |
Debian Advanced Package Tool | =0.7.15-exp3 | |
Debian Advanced Package Tool | =0.7.16 | |
Debian Advanced Package Tool | =0.7.17 | |
Debian Advanced Package Tool | =0.7.17-exp1 | |
Debian Advanced Package Tool | =0.7.17-exp2 | |
Debian Advanced Package Tool | =0.7.17-exp3 | |
Debian Advanced Package Tool | =0.7.17-exp4 | |
Debian Advanced Package Tool | =0.7.18 | |
Debian Advanced Package Tool | =0.7.19 | |
Debian Advanced Package Tool | =0.7.20 | |
Debian Advanced Package Tool | =0.7.20.1 | |
Debian Advanced Package Tool | =0.7.20.2 | |
Debian Advanced Package Tool | =0.7.21 | |
Debian Advanced Package Tool | =0.7.22 | |
Debian Advanced Package Tool | =0.7.22.1 | |
Debian Advanced Package Tool | =0.7.22.2 | |
Debian Advanced Package Tool | =0.7.23 | |
Debian Advanced Package Tool | =0.7.23.1 | |
Debian Advanced Package Tool | =0.7.24 | |
Debian Advanced Package Tool | =0.8.0 | |
Debian Advanced Package Tool | =0.8.0-pre1 | |
Debian Advanced Package Tool | =0.8.0-pre2 | |
Debian Advanced Package Tool | =0.8.1 | |
Debian Advanced Package Tool | =0.8.10 | |
Debian Advanced Package Tool | =0.8.10.1 | |
Debian Advanced Package Tool | =0.8.10.2 | |
Debian Advanced Package Tool | =0.8.10.3 | |
Debian Advanced Package Tool | =0.8.11 | |
Debian Advanced Package Tool | =0.8.11.1 | |
Debian Advanced Package Tool | =0.8.11.2 | |
Debian Advanced Package Tool | =0.8.11.3 | |
Debian Advanced Package Tool | =0.8.11.4 | |
Debian Advanced Package Tool | =0.8.11.5 | |
Debian Advanced Package Tool | =0.8.12 | |
Debian Advanced Package Tool | =0.8.13 | |
Debian Advanced Package Tool | =0.8.13.1 | |
Debian Advanced Package Tool | =0.8.13.2 | |
Debian Advanced Package Tool | =0.8.14 | |
Debian Advanced Package Tool | =0.8.14.1 | |
Debian Advanced Package Tool | =0.8.15 | |
Debian Advanced Package Tool | =0.8.15-exp1 | |
Debian Advanced Package Tool | =0.8.15-exp2 | |
Debian Advanced Package Tool | =0.8.15-exp3 | |
Debian Advanced Package Tool | =0.8.15.1 | |
Debian Advanced Package Tool | =0.8.15.6 | |
Debian Advanced Package Tool | =0.8.15.7 | |
Debian Advanced Package Tool | =0.8.15.8 | |
Debian Advanced Package Tool | =0.8.15.9 | |
Debian Advanced Package Tool | =0.8.15.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.