Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Ubuntu 11.10 and 11.04: USN-1414-1 Critical Aptdaemon Risk

Calendar Apr 02, 2012 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory software update ubuntu package management installation issue aptdaemon altered packages
An attacker could trick Aptdaemon into installing altered packages. 
=========================================================================Ubuntu Security Notice USN-1414-1
April 02, 2012

aptdaemon vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04

Summary:

An attacker could trick Aptdaemon into installing altered packages.

Software Description:
- aptdaemon: transaction based package management service

Details:

It was discovered that Aptdaemon incorrectly handled installing packages
without performing a transaction simulation. An attacker could possibly use
this flaw to install altered packages.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  python-aptdaemon                0.43+bzr697-0ubuntu1.2

Ubuntu 11.04:
  python-aptdaemon                0.41+bzr661-0ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-1414-1
  CVE-2012-0944

Package Information:
  https://launchpad.net/ubuntu/+source/aptdaemon/0.43+bzr697-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/aptdaemon/0.41+bzr661-0ubuntu0.2

Ubuntu 11.10 and 11.04: USN-1414-1 Critical Aptdaemon Risk

ubuntu
Calendar Grey April 2, 2012
Dist Ubuntu Esm H88
Address Aptdaemon vulnerability affecting package management in Ubuntu versions 11.10 and 11.04. Ensure your system is updated immediately.
An attacker could trick Aptdaemon into installing altered packages.

Summary

Topics%20covered

Topics Covered

security advisory software update ubuntu package management installation issue aptdaemon altered packages

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: python-aptdaemon 0.43+bzr697-0ubuntu1.2 Ubuntu 11.04: python-aptdaemon 0.41+bzr661-0ubuntu0.2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-1414-1

CVE-2012-0944

Severity
critical
Lowest
Low
Medium
High
Critical

April 02, 2012

Topics%20covered

Topics Covered

security advisory software update ubuntu package management installation issue aptdaemon altered packages

Package Information

https://launchpad.net/ubuntu/+source/aptdaemon/0.43+bzr697-0ubuntu1.2 https://launchpad.net/ubuntu/+source/aptdaemon/0.41+bzr661-0ubuntu0.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here