CVE-2014-0490

Name of the Vulnerable Software and Affected Versions APT versions prior to 1.0.9

Description The issue concerns the apt-get download command, which fails to properly validate signatures for packages. This allows remote attackers to execute arbitrary code via a crafted package.

Recommendations For APT versions prior to 1.0.9, update to version 1.0.9 or later to resolve the issue.