GPGv Security Flaw in APT Package Manager by Debian
CVE-2009-1358

Currently unrated

Key Information:

Vendor

Debian
Status
Apt
Advanced Package Tool
Vendor
CVE Published:
21 April 2009

What is CVE-2009-1358?

APT prior to version 0.7.21 fails to accurately check error codes from gpgv, leading to a scenario where the package manager wrongly considers a repository valid. This could enable remote adversaries to deceive APT into installing repositories that maliciously alter system files or compromise security integrity, particularly when the associated signing key has been revoked or is outdated.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/34874
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1779
vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/34829
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.