This bug was fixed in the package apt - 0.8.3ubuntu7.3
--------------- apt (0.8.3ubuntu7.3) maverick-security; urgency=low
* SECURITY UPDATE: sensitive information disclosure via incorrect hostname validation (LP: #868353) - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST. - CVE-2011-3634 * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472) - cmdline/apt-key: improve key validation. -- Marc Deslauriers <email address hidden> Tue, 22 Nov 2011 13:50:41 -0500
This bug was fixed in the package apt - 0.8.3ubuntu7.3
---------------
apt (0.8.3ubuntu7.3) maverick-security; urgency=low
* SECURITY UPDATE: sensitive information disclosure via incorrect SSL_VERIFYHOST.
hostname validation (LP: #868353)
- methods/https.cc: properly set CURLOPT_
- CVE-2011-3634
* SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
- cmdline/apt-key: improve key validation.
-- Marc Deslauriers <email address hidden> Tue, 22 Nov 2011 13:50:41 -0500