CVE-2015-0840

Published: 09 April 2015

The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).

Priority

Medium

Status

Package Release Status
dpkg
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.17.5ubuntu5.4)