CVE-2012-0962

NameCVE-2012-0962
DescriptionAptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
aptdaemonsourcesqueeze(not affected)
aptdaemonsource(unstable)0.45-2low

Notes

[squeeze] - aptdaemon <not-affected> (Vulnerable code not present)
https://bugs.launchpad.net/software-center-agent/+bug/1052789

Search for package or bug name: Reporting problems