On Thu, Jun 12, 2014 at 11:44:20AM +0200, Thijs Kinkhorst wrote: > Hi, > > > apt: no authentication checks for source packages > > The Debian security team has assigned CVE-2014-0478 to this issue. > > APT developers: we should fix this in wheezy. Are you able to provide an > update for wheezy for this issue?
Yes, I will work on a backport for this today. > As for squeeze, if it's not too much extra work it would be great if an > update for squeeze was also possible. Perhaps it could also even include > the fix for https://security-tracker.debian.org/tracker/CVE-2011-3634? I look into this too, I don't know yet how much extra work it is. Cheers, Michael -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org