Debian Security Advisory - DSA-3025-1 apt - security update

Anonymous Coward

in linux on 2014-09-18 17:20 (#2SJY)

"We recommend that you upgrade your apt packages." with apt of course... (via https://twitter.com/ioerror)

https://www.debian.org/security/2014/dsa-3025

"It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) and does not properly perform validation for binary packages downloaded by the apt-get download command (CVE-2014-0490)."

History

2014-09-18 21:52

Debian Security Advisory - DSA-3025-1 apt - security update

zafiro17@pipedot.org

"WDe ~~recommend that you upgrade your apt packages." with apt of course... (v~~bian has announced href="https://twitter.com/ioerror">https://twitter.com/ioerror)

href="https://www.debian.org/security/2014/dsa-3025">~~https://www.debi~~a~~n.org/~~ security~~/2014/~~ advisory about its apt-~~3025~~get software, and recommends that you upgrade your apt packages ... with apt, of course.r/>
lockquote>"It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) and does not properly perform validation for binary packages downloaded by the apt-get download command (CVE-2014-0490)."This update comes to you courtesy of the IOERROR Twitter account.

0 comments