oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: apt

From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Wed, 19 Oct 2011 10:27:35 -0400
Hello,

Could a CVE please be assigned to the following issue:

Apt before 0.8.11 incorrectly handles the Verify-Host configuration
option, resulting in a successful connection instead of a verification
failure when the certificate host name doesn't match.

See:

http://bazaar.launchpad.net/~donkult/apt/sid/revision/2053.1.28
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353


Thanks,

Marc.
Previous By Date Next
Previous By Thread Next

Current thread: