CVE-2009-1300

Related Files

Debian Linux Security Advisory 1779-1

Posted Apr 28, 2009

Authored by Debian | Site debian.org

Debian Security Advisory 1779-1 - Two vulnerabilities have been discovered in APT, the well-known dpkg frontend.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2009-1300, CVE-2009-1358

SHA-256 | 666473d9325824b89cca75552369538408ab331e9192631b884e06d1abd17665

Download | Favorite | View

Ubuntu Security Notice 762-1

Posted Apr 21, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-762-1 - Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become permanently disabled. Michael Casadevall discovered that APT did not properly verify repositories signed with a revoked or expired key. If a repository were signed with only an expired or revoked key and the signature was otherwise valid, APT would consider the repository valid.

tags | advisory

systems | linux, ubuntu

advisories | CVE-2009-1300

SHA-256 | 975eacfd0addf18325b1120ebc834dbbeaecfaecf5d79a606c1bcac81f2293bb

Download | Favorite | View