Bug#749795: apt: no authentication checks for source packages
On Thu, Jun 12, 2014 at 11:44:20AM +0200, Thijs Kinkhorst wrote:
> Hi,
>
> > apt: no authentication checks for source packages
>
> The Debian security team has assigned CVE-2014-0478 to this issue.
>
> APT developers: we should fix this in wheezy. Are you able to provide an
> update for wheezy for this issue?
Yes, I will work on a backport for this today.
> As for squeeze, if it's not too much extra work it would be great if an
> update for squeeze was also possible. Perhaps it could also even include
> the fix for https://security-tracker.debian.org/tracker/CVE-2011-3634?
I look into this too, I don't know yet how much extra work it is.
Cheers,
Michael
Reply to: