APT vulnerable to man-in-the-middle attacks since 2010

3 points by gPphX 12 years ago · 1 comment

Reader

This is sort of overblown. The vulnerability is in libcurl, not apt. It only applies to people (and CAs) who are dumb enough to issue certs where there is a wildcarded IP in the CN. I've never seen this in the wild, not that it couldn't happen.

Settings

APT vulnerable to man-in-the-middle attacks since 2010

Keyboard Shortcuts