Ubuntu
software-properties package

  1. Bug #1016643
  2. Comment #20

Comment 20 for bug 1016643

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-properties - 0.80.9.2

---------------
software-properties (0.80.9.2) natty-security; urgency=low

  * SECURITY UPDATE: improve gpg key validation to prevent MITM attack
    (LP: #1016643)
    - softwareproperties/ppa.py: download gpg key to temporary keyring, and
      validate using v4 fingerprint before importing to apt keyring.
 -- Marc Deslauriers <email address hidden> Fri, 28 Sep 2012 09:25:17 -0400