oss-sec mailing list archives
Re: CVE Request: apt
From: Josh Bressers <bressers () redhat com>
Date: Thu, 20 Oct 2011 13:09:39 -0400 (EDT)
Please use CVE-2011-3634 Thanks. -- JB ----- Original Message -----
Hello, Could a CVE please be assigned to the following issue: Apt before 0.8.11 incorrectly handles the Verify-Host configuration option, resulting in a successful connection instead of a verification failure when the certificate host name doesn't match. See: http://bazaar.launchpad.net/~donkult/apt/sid/revision/2053.1.28 https://bugs.launchpad.net/ubuntu/+source/apt/+bug/868353 Thanks, Marc.
Current thread:
- CVE Request: apt Marc Deslauriers (Oct 19)
- Re: CVE Request: apt Josh Bressers (Oct 20)