security flaw in APT
Welcome, Guest.

ANNOUNCEMENT:

Click the CHAT button above for connection details. Show up early, seating is limited, late entries will not be registered.

Author Topic: security flaw in APT  (Read 95 times)

Offline fraterchaos

  • Mandelbrot Metal Mayhem!
  • Staff Member
  • ********
  • Posts: 861
  • Country: us
  • Never underestimate the power of human stupidity
    • Skype
security flaw in APT
« on: January 22, 2019, 08:30:43 PM »
just saw this... seems there could be a serious security flaw in some APT-GET based package managers:
You are not allowed to view links. Register or Login
Science, like Nature, must also be tamed... with a view towards it's preservation. -- Rush

Offline RTheren

  • Jr. Member
  • ***
  • Posts: 42
  • Country: sk
Re: security flaw in APT
« Reply #1 on: January 23, 2019, 05:14:24 AM »
I got updates for APT sooner than I've seen any news about this vulnerability.
There is a way you can enable HTTPS if you want at least.

Offline Spatry

  • Benevolent Dictator
  • Administrator - Sysop
  • **********
  • Posts: 5137
  • Country: us
  • Cup of Linux Founder
    • Cup of Linux
Re: security flaw in APT
« Reply #2 on: January 23, 2019, 09:21:21 AM »
Yep! As soon as a vulnerability is identified, the community sends a patch downstream... Try that, Microsoft!
"Wipe that NERVOUS expression off of your face, 3PO!" -General Leia Organa SWTLJ

Offline Will

  • Spatry's Tardis Operator
  • Contributor
  • *******
  • Posts: 480
  • Country: gb
  • I'll stay on one OS at some point...
Re: security flaw in APT
« Reply #3 on: January 23, 2019, 06:45:46 PM »
I'm sure I had an apt update yesterday on one of the VMs on my server. Ubuntu 18.04 runs Unifi (Ubiquiti wifi AP), Samba for house and will have some extremely important reasearch documents for my mum in the near future. It's at this point I now get troubled at things like this.
Also the host is Proxmox which is Debian based.

I liked not caring too much about security in the past.
Ryzen 5 1600, 16GB(3066MHz), 500GB 850 EVO + 2x1TB Seagate, RX 580 - Windows again :(
Thinkpad T440p, i5-4300m, 8GB(2x4), 240GB Sandisk SSD, 500GB Ultrabay HDD - FreeBSD 12

Offline fraterchaos

  • Mandelbrot Metal Mayhem!
  • Staff Member
  • ********
  • Posts: 861
  • Country: us
  • Never underestimate the power of human stupidity
    • Skype
Re: security flaw in APT
« Reply #4 on: January 23, 2019, 09:47:34 PM »
good to hear they are on top of it...

since I don't use an APT version I had no idea, but I figured it might be of interest to those who do.
Science, like Nature, must also be tamed... with a view towards it's preservation. -- Rush