Errata overview
Errata ID 209
Date 2014-09-19
Source package apt
Fixed in version
Multiple issues have been found in the implementation of Secure Apt:
* Incorrect handling of 304 replies (CVE-2014-0487)
* Incorrect invalidation when switching between authenticated and
  unauthenticated sources (CVE-2014-0488)
* Missing verification when using Acquire::Gzip indexes (CVE-2014-0489)
Additionally a regression when file:/// sources are used and those are
on a different partition than the apt state directory, introduced by
the fix for the above issues, has been corrected.
Additional notes
CVE ID CVE-2014-0487
UCS Bug number #35948