Wind River Support Network

HomeDefectsLIN8-8345
Fixed

LIN8-8345 : Security Advisory - apt - CVE-2016-1252

Created: Dec 14, 2017    Updated: Dec 3, 2018
Resolved Date: Feb 6, 2018
Found In Version: 8.0.0.24
Fix Version: 8.0.0.25
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures.

https://nvd.nist.gov/vuln/detail/CVE-2016-1252

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube