CVE-2015-1337
Published: 24 September 2015
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.
Priority
Status
Package | Release | Status |
---|---|---|
simplestreams Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Released
(0.1.0~bzr341-0ubuntu2.2)
|
|
upstream |
Needs triage
|
|
vivid |
Released
(0.1.0~bzr354-0ubuntu1.15.04.1)
|