========================================================================== Ubuntu Security Notice USN-1694-1 January 17, 2013 rpm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 Summary: RPM could incorrectly validate package signatures. Software Description: - rpm: package manager for RPM Details: It was discovered that RPM incorrectly handled signature checking. An attacker could create a specially-crafted rpm with an invalid signature which could pass the signature validation check. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: rpm 4.10.0-4ubuntu0.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1694-1 CVE-2012-6088 Package Information: https://launchpad.net/ubuntu/+source/rpm/4.10.0-4ubuntu0.1
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.