Ubuntu Security Notice 1475-1 - Georgi Guninski discovered that APT relied on GnuPG argument order and did not check GPG subkeys when validating imported keyrings via apt-key net-update. While it appears that a man-in-the-middle attacker cannot exploit this, as a hardening measure this update adjusts apt-key to validate all subkeys when checking for key collisions.
c54f5098644121f79f786d26ee2e5582a8bb132ca826107fde250acc9dfdaa18