oss-sec mailing list archives
CVE Request: apt
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Wed, 19 Oct 2011 10:27:35 -0400
Hello, Could a CVE please be assigned to the following issue: Apt before 0.8.11 incorrectly handles the Verify-Host configuration option, resulting in a successful connection instead of a verification failure when the certificate host name doesn't match. See: http://bazaar.launchpad.net/~donkult/apt/sid/revision/2053.1.28 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353 Thanks, Marc.
Current thread:
- CVE Request: apt Marc Deslauriers (Oct 19)
- Re: CVE Request: apt Josh Bressers (Oct 20)