Ubuntu Security Notice 1169-1 - William Grant discovered that APT incorrectly validated inline GPG signatures. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.
150a4d5e8373a702f1e498d0038f36ca9c06e6efaa0ad13e86d4ab73f648a48d