Software Properties Exploit Fixed for Multiple OSes

A simple system update will fix the security problems

By on October 2nd, 2012 12:50 GMT

On October 1st, in a security notice Canonical published details about a Software Properties vulnerability for its Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, and Ubuntu 10.04 LTS operating systems.

According to Canonical, Software Properties could be tricked into installing arbitrary PPA GPG keys. The apt-add-repository tool incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.

The security flaw can be fixed if you upgrade your system(s) to the latest python-software-properties. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes.

If you don't know how to update your system, you can check the official Ubuntu wiki.
Ubuntu 10.04 LTS desktop
   Ubuntu 10.04 LTS desktop
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments