Cloud Foundry Logo
blog single gear
Blog
Security Advisory

USN-3746-1: APT vulnerability

by: September 11, 2018

USN-3746-1: APT vulnerability

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 18.04

Description

It was discovered that APT incorrectly handled the mirror method (mirror://). If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages in environments configured to use mirror:// entries.

Affected Cloud Foundry Products and Versions

Severity is high unless otherwise noted.

  • All versions of Cloud Foundry cflinuxfs3 prior to 0.13.0

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.13.0 or later.

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-3628-1: OpenSSL vulnerability
Security Advisory

USN-3628-1: OpenSSL vulnerability

by Cloud Foundry Foundation Security Team May 9, 2018
USN-6195-1: Vim vulnerabilities
Security Advisory

USN-6195-1: Vim vulnerabilities

by Cloud Foundry Foundation Security Team August 16, 2023
USN-4628-1: Intel Microcode vulnerabilities
Security Advisory

USN-4628-1: Intel Microcode vulnerabilities

by Cloud Foundry Foundation Security Team December 11, 2020
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept