VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 21, 2009· Updated Apr 23, 2026

CVE-2009-1358

CVE-2009-1358

Description

apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories.

Affected products

180
  • Debian/Advanced Package Tool25 versions
    cpe:2.3:a:debian:advanced_package_tool:*:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:debian:advanced_package_tool:*:*:*:*:*:*:*:*range: <=0.7.20
    • cpe:2.3:a:debian:advanced_package_tool:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.12:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.13:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.14:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.15:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp1:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp2:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.15:exp3:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.16:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.17:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp1:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp2:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp3:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.17:exp4:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.18:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.19:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.2-0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.20.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.20.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:advanced_package_tool:0.7.21:*:*:*:*:*:*:*
  • Debian/Apt155 versions
    cpe:2.3:a:debian:apt:0.0.1:*:*:*:*:*:*:*+ 154 more
    • cpe:2.3:a:debian:apt:0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.13-bo1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.15-0.1bo:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.15-0.2bo:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.16-1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.17-1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.14:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.15:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.16:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.17:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.18:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.19:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.13:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.14:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.15:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.16:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.17:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.18:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.19:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.20:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.21:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.22:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.23:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.24:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.25:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.26:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.27:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.28:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.29:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.30:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.30:ubuntu1:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.30:ubuntu2:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.31:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.32:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.5.9:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.15:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.16:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.17:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.18:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.19:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.20:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.21:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.22:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.23:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.24:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.25:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.27:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.27:ubuntu1:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.27:ubuntu2:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.27:ubuntu3:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.27:ubuntu4:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.28:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.29:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.30:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.31:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.32:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.33:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.34:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.35:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.36:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.36:ubuntu1:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.37:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.38:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.39:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.40:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.40.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.41:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.42:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.42.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.42.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.42.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.43:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.43.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.43.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.43.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.44:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.44.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.44.1-0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.44.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.44.2:exp1:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.45:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.3-0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.3-0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.46.4-0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:apt:0.7.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.