This bug was fixed in the package apt - 0.7.25.3ubuntu9.9
--------------- apt (0.7.25.3ubuntu9.9) lucid-security; urgency=low
* SECURITY UPDATE: sensitive information disclosure via incorrect hostname validation (LP: #868353) - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST. - CVE-2011-3634 * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472) - cmdline/apt-key: improve key validation. -- Marc Deslauriers <email address hidden> Tue, 22 Nov 2011 13:56:02 -0500
This bug was fixed in the package apt - 0.7.25.3ubuntu9.9
---------------
apt (0.7.25.3ubuntu9.9) lucid-security; urgency=low
* SECURITY UPDATE: sensitive information disclosure via incorrect SSL_VERIFYHOST.
hostname validation (LP: #868353)
- methods/https.cc: properly set CURLOPT_
- CVE-2011-3634
* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
- cmdline/apt-key: improve key validation.
-- Marc Deslauriers <email address hidden> Tue, 22 Nov 2011 13:56:02 -0500