On December 17, Canonical published in a security notice details about a Aptdaemon vulnerability for its Ubuntu 12.04 LTS (Precise Pangolin) and Ubuntu 11.10 (Oneiric Ocelot) operating systems.
According to Canonical, Aptdaemon could have been tricked into installing arbitrary PPA GPG keys.
It was discovered that Aptdaemon incorrectly validated PPA GPG keys when importing from a keyserver.
If a remote attacker were able to perform a man-in-the-middle attack, this flaw could have been exploited in order to install altered package repository GPG keys.
For a more detailed description of the security problems, you can visit Canonical's security
notification.
Users can simply fix the security flaws by upgrading the operating systems to the latest aptdaemon, specific to each distribution.
A normal system update, executed with the Update Manager, is required. After a standard system update you need to reboot your computer to make all the necessary changes.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
