apt bug fixed
|
OK, I will look later, thx
|
interesting read. thanks for the share.
i am by no means any kind of security expert, but thought this was an important paragraph: He also pointed out that, "By default, Debian and Ubuntu both use plain http repositories out of the box." While there's heated debate over whether the more secure https actually improved apt security, Justicz knows his position: "I wouldn't have been able to exploit the Dockerfile at the top of this post if the default package servers had been using https." especially in a day and age when https has come to be fairly universal. |
Not been ignoring this just busy. Always lots of security vulnerabilities ...
Anyways for the record this has been patched in our Ubuntu base: Code:
apt (1.6.6ubuntu0.1) bionic-security; urgency=medium |
All times are GMT -5. The time now is 03:12 PM. |