This bug was fixed in the package software-properties - 0.81.13.5
---------------
software-properties (0.81.13.5) oneiric-security; urgency=low
* SECURITY UPDATE: improve gpg key validation to prevent MITM attack
(LP: #1016643)
- softwareproperties/ppa.py: download gpg key to temporary keyring, and
validate using v4 fingerprint before importing to apt keyring.
-- Marc Deslauriers <[email protected]> Fri, 28 Sep 2012 09:24:18
-0400
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1016643
Title:
add-apt-repository downloads gpg key in an insecure fashion
To manage notifications about this bug go to:
https://bugs.launchpad.net/gnupg/+bug/1016643/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
