Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 415
Alerts This Week
Warning Icon 1 415

Debian 10.3: 4825-2 Urgent Package Manager Security Flaw

ubuntu
Calendar Grey August 20, 2018
Dist Ubuntu Esm H88
It's crucial to upgrade Ubuntu 18.04 LTS to address the APT security flaw that may lead to compromised package installations. Ensure your system is safeguarded.
An attacker could trick APT into installing altered packages.

Summary

An attacker could trick APT into installing altered packages.

Software Description:

- apt: Advanced front-end for dpkg

Details:

It was discovered that APT incorrectly handled the mirror method

(mirror://). If a remote attacker were able to perform a man-in-the-middle

attack, this flaw could potentially be used to install altered packages in

environments configured to use mirror:// entries.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  apt                             1.6.3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3746-1

CVE-2018-0501

Severity
critical
Lowest
Low
Medium
High
Critical

August 20, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.