Wind River Support Network

HomeDefectsLIN7-9272
Fixed

LIN7-9272 : Security Advisory - apt - CVE-2016-1252

Created: Dec 14, 2017    Updated: Sep 8, 2018
Resolved Date: Feb 26, 2018
Found In Version: 7.0.0.27
Fix Version: 7.0.0.28
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures.

https://nvd.nist.gov/vuln/detail/CVE-2016-1252

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube