diff -Nru apt-0.7.25.3ubuntu9.14/cmdline/apt-get.cc apt-0.7.25.3ubuntu9.15/cmdline/apt-get.cc
--- apt-0.7.25.3ubuntu9.14/cmdline/apt-get.cc	2012-02-29 18:15:32.000000000 +0100
+++ apt-0.7.25.3ubuntu9.15/cmdline/apt-get.cc	2014-06-12 15:09:56.000000000 +0200
@@ -690,25 +690,8 @@
    return true;
 }
 									/*}}}*/
-// CheckAuth - check if each download comes form a trusted source	/*{{{*/
-// ---------------------------------------------------------------------
-/* */
-static bool CheckAuth(pkgAcquire& Fetcher)
+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
 {
-   string UntrustedList;
-   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
-   {
-      if (!(*I)->IsTrusted())
-      {
-         UntrustedList += string((*I)->ShortDesc()) + " ";
-      }
-   }
-
-   if (UntrustedList == "")
-   {
-      return true;
-   }
-
    ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"),UntrustedList,"");
 
    if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
@@ -717,6 +700,9 @@
       return true;
    }
 
+   if (PromptUser == false)
+      return _error->Error(_("Some packages could not be authenticated"));
+
    if (_config->FindI("quiet",0) < 2 && _config->FindB("APT::Get::Assume-Yes",false) == false)
    {
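Review bot: `AuthPrompt` takes `UntrustedList` by value although the hunk only reads it (it is handed to `ShowList` for printing), so `static bool AuthPrompt(const std::string &UntrustedList, bool const PromptUser)` avoids a copy per call and matches the `const` already given to `PromptUser`. The new function also has no header comment, while the `CheckAuth` block it was split out of carried one in the file's `// Name - purpose /*{{{*/` fold style; a line such as `// AuthPrompt - warn about unauthenticated items and decide whether to go on /*{{{*/` would keep the fold markers and documentation consistent. AuthPrompt's body continues past the end of this hunk.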
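Review bot: The new `if (PromptUser == false)` return is placed after the `APT::Get::AllowUnauthenticated` check but before the interactive `quiet`/`Assume-Yes` prompt and, judging by the `-y was used without --force-yes` error that closes the function in the next hunk, before any `--force-yes` handling too, so a non-prompting caller can only proceed with an untrusted item via `--allow-unauthenticated`. That is presumably the intent of the CVE fix, but it deserves a comment because it differs from the interactive path: `// Non-interactive callers (apt-get source) fail hard here: only AllowUnauthenticated overrides; the Force-Yes handling below is deliberately not reached`. The reused message `Some packages could not be authenticated` is adequate for the hard fail, though a reader of `apt-get source` output cannot tell from it that an unsigned source index is what failed. The remainder of AuthPrompt lies outside this hunk.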
@@ -734,6 +720,27 @@
    return _error->Error(_("There are problems and -y was used without --force-yes"));
 }
 									/*}}}*/
+// CheckAuth - check if each download comes form a trusted source	/*{{{*/
+// ---------------------------------------------------------------------
+/* */
+static bool CheckAuth(pkgAcquire& Fetcher, bool PromptUser=true)
+{
+   string UntrustedList;
+   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < Fetcher.ItemsEnd(); ++I)
+   {
+      if (!(*I)->IsTrusted())
+      {
+         UntrustedList += string((*I)->ShortDesc()) + " ";
+      }
+   }
+
+   if (UntrustedList == "")
+   {
+      return true;
+   }
+
+   return AuthPrompt(UntrustedList, PromptUser);
+}
 // InstallPackages - Actually download and install the packages	/*{{{*/
 // ---------------------------------------------------------------------
 /* This displays the informative messages describing what is going to
@@ -2196,6 +2203,7 @@
    set queued;
    // Load the requestd sources into the fetcher
    unsigned J = 0;
+   std::string UntrustedList;
    for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
    {
       string Src;
@@ -2204,6 +2212,9 @@
       if (Last == 0)
	 return _error->Error(_("Unable to find a source package for %s"),Src.c_str());
 
+      if (Last->Index().IsTrusted() == false)
+         UntrustedList += Src + " ";
+
       string srec = Last->AsStr();
       string::size_type pos = srec.find("\nVcs-");
       while (pos != string::npos)
@@ -2290,6 +2301,11 @@
       }
    }
 
+   // check authentication status of the source as well
+   if (UntrustedList != "" && !AuthPrompt(UntrustedList, false))
+      return false;
+
+
    // Display statistics
    double FetchBytes = Fetcher.FetchNeeded();
    double FetchPBytes = Fetcher.PartialPresent();
diff -Nru apt-0.7.25.3ubuntu9.14/debian/changelog apt-0.7.25.3ubuntu9.15/debian/changelog
--- apt-0.7.25.3ubuntu9.14/debian/changelog	2012-08-20 14:40:43.000000000 +0200
+++ apt-0.7.25.3ubuntu9.15/debian/changelog	2014-06-12 15:10:56.000000000 +0200
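Review bot: The `/* */` placeholder comment on the re-added `CheckAuth` says nothing about the new `PromptUser` parameter, and the header line still carries the typo "comes form a trusted source" that moved along with it. Suggest `// CheckAuth - check if each download comes from a trusted source /*{{{*/` and, in place of `/* */`, `/* With PromptUser == false an untrusted item is a hard error unless APT::Get::AllowUnauthenticated is set; no interactive prompt is shown. */`, which is what AuthPrompt does with that flag in the preceding hunks. For consistency with AuthPrompt's signature the default could be written `bool const PromptUser = true`.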
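Review bot: The new trust check returns a bare `false` and relies on `AuthPrompt(UntrustedList, false)` having already recorded an `_error`; that holds, since with `PromptUser == false` the only false-returning path in AuthPrompt is `_error->Error(...)`, but the dependency is invisible at the call site and deserves a comment such as `// AuthPrompt has already set _error; nothing has been fetched yet`. The check runs after every requested source has been queued on `Fetcher` and, judging by the `Display statistics` lines that follow, before anything is downloaded, which is the right place for it. Two minor points: `UntrustedList` can carry the same name twice when a package is listed twice on the command line (only the warning text is affected, a `std::set<std::string>` would avoid it), and the two consecutive blank `+` lines before `// Display statistics` can be collapsed to one. The enclosing function starts and ends outside this hunk.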
@@ -1,3 +1,10 @@
+apt (0.7.25.3ubuntu9.15) lucid-security; urgency=low
+
+  * SECURITY UPDATE: apt-get source validation (LP: #1329274)
+    - CVE-2014-0478
+
+ -- Michael Vogt  Thu, 12 Jun 2014 15:10:43 +0200
+
 apt (0.7.25.3ubuntu9.14) lucid-proposed; urgency=low
 
   * ftparchive/override.cc: