An apt vuln was released today, see these links: https://lists.debian.org/debian-security-announce/2019/msg00010.html https://security-tracker.debian.org/tracker/CVE-2019-3462 https://justi.cz/security/2019/01/22/apt-rce.html?
Since the vulnerability is in the package manager itself, updating is non-trivial. Here is a small ansible playbook + script to update apt securely. It only works on debian stable (stretch). https://gist.github.com/abeluck/67525909a17403060cd1722b53d57d00 commentary: yet another pretty good reason to use HTTPS apt sources by default. any chance this vuln will change the zealots' mind? ~abel
signature.asc
Description: OpenPGP digital signature
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
