Cup of Linux

Community => Linux News => Topic started by: fchaos on January 22, 2019, 08:30:43 PM

Title: security flaw in APT
Post by: fchaos on January 22, 2019, 08:30:43 PM
just saw this... seems there could be a serious security flaw in some APT-GET based package managers:
https://thehackernews.com/2019/01/linux-apt-http-hacking.html
Title: Re: security flaw in APT
Post by: RTheren on January 23, 2019, 05:14:24 AM
I got updates for APT sooner than I've seen any news about this vulnerability.
There is a way you can enable HTTPS if you want at least.
Title: Re: security flaw in APT
Post by: Spatry on January 23, 2019, 09:21:21 AM
Yep! As soon as a vulnerability is identified, the community sends a patch downstream... Try that, Microsoft!
Title: Re: security flaw in APT
Post by: Will on January 23, 2019, 06:45:46 PM
I'm sure I had an apt update yesterday on one of the VMs on my server. Ubuntu 18.04 runs Unifi (Ubiquiti wifi AP), Samba for house and will have some extremely important reasearch documents for my mum in the near future. It's at this point I now get troubled at things like this.
Also the host is Proxmox which is Debian based.

I liked not caring too much about security in the past.
Title: Re: security flaw in APT
Post by: fchaos on January 23, 2019, 09:47:34 PM
good to hear they are on top of it...

since I don't use an APT version I had no idea, but I figured it might be of interest to those who do.