Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
172
security advisoryUbuntuman-in-the-middleUbuntu: 3863-2 Critical: APT Man-In-The-Middle Package Installation
An attacker could trick APT into installing altered packages.. =========================================================================Ubuntu Security Notice USN-3863-2 January 22, 2019 apt vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: An attacker could trick APT into installing altered packages. Software Description: - apt: Advanced front-end for dpkg Details: USN-3863-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: apt 0.8.16~exp12ubuntu10.28 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3863-2 https://ubuntu.com/security/notices/USN-3863-1 CVE-2019-3462 . Alert bulletin addresses a cybersecurity risk impacting Ubuntu 12.04 ESM, providing guidance on how to apply necessary patches.. APT Vulnerability, Ubuntu Security Notice, Package Alterations. . Severity: Critical. LinuxSecurity.com Team
Jan 22, 2019
•Critical
Ubuntu
172
security advisorysecurity issuepackage updateUbuntu 18.04 LTS: USN-3863-1 Critical: APT Altered Packages Threat
An attacker could trick APT into installing altered packages.. =========================================================================Ubuntu Security Notice USN-3863-1 January 22, 2019 apt vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: An attacker could trick APT into installing altered packages. Software Description: - apt: Advanced front-end for dpkg Details: Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: apt 1.7.0ubuntu0.1 Ubuntu 18.04 LTS: apt 1.6.6ubuntu0.1 Ubuntu 16.04 LTS: apt 1.2.29ubuntu0.1 Ubuntu 14.04 LTS: apt 1.0.1ubuntu2.19 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3863-1 CVE-2019-3462 Package Information: https://launchpad.net/ubuntu/+source/apt/1.7.0ubuntu0.1 https://launchpad.net/ubuntu/+source/apt/1.6.6ubuntu0.1 https://launchpad.net/ubuntu/+source/apt/1.2.29ubuntu0.1 https://launchpad.net/ubuntu/+source/apt/1.0.1ubuntu2.19 . =========================================================================Ubuntu Security Notice USN-. attacker, trick, installing, altered, packages, ======================================. . Severity: Critical. LinuxSecurity.com Team
Jan 22, 2019
•Critical
Ubuntu
172
security advisorysoftware updateubuntuUbuntu 11.10 and 11.04: USN-1414-1 Critical Aptdaemon Risk
An attacker could trick Aptdaemon into installing altered packages.. =========================================================================Ubuntu Security Notice USN-1414-1 April 02, 2012 aptdaemon vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: An attacker could trick Aptdaemon into installing altered packages. Software Description: - aptdaemon: transaction based package management service Details: It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: python-aptdaemon 0.43+bzr697-0ubuntu1.2 Ubuntu 11.04: python-aptdaemon 0.41+bzr661-0ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1414-1 CVE-2012-0944 Package Information: https://launchpad.net/ubuntu/+source/aptdaemon/0.43+bzr697-0ubuntu1.2 https://launchpad.net/ubuntu/+source/aptdaemon/0.41+bzr661-0ubuntu0.2 . Address Aptdaemon vulnerability affecting package management in Ubuntu versions 11.10 and 11.04. Ensure your system is updated immediately.. Aptdaemon Security, Ubuntu Update, Package Management Issue. . Severity: Critical. LinuxSecurity.com Team
Apr 02, 2012
•Critical
Ubuntu
172
security advisoryubuntuman-in-the-middleUbuntu 11.10 USN-1265-1 Critical: system-config-printer Vulnerability Alert
An attacker could trick system-config-printer into installing altered packages and repositories.. =========================================================================Ubuntu Security Notice USN-1265-1 November 17, 2011 system-config-printer vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: An attacker could trick system-config-printer into installing altered packages and repositories. Software Description: - system-config-printer: Python modules for printer configuration with CUPS Details: Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered packages and repositories. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: python-cupshelpers 1.3.6+20110831-0ubuntu9.4 Ubuntu 11.04: python-cupshelpers 1.3.1+20110222-0ubuntu16.5 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1265-1 CVE-2011-4405 Package Information: https://launchpad.net/ubuntu/+source/system-config-printer/1.3.6+20110831-0ubuntu9.4 https://launchpad.net/ubuntu/+source/system-config-printer/1.3.1+20110222-0ubuntu16.5 . Ubuntu Security Announcement USN-1266-1 addresses a vulnerability in the system-config-printer that permits unauthorized package alterations.. System Config Printer, Security Update, Ubuntu 11.10 Advisory. . Severity: Critical. LinuxSecurity.com Team
Nov 17, 2011
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!