And for more on that topic: https://guardianproject.info/2019/01/23/use-onions-https-for-software-updates/
.hc Abel Luck: > An apt vuln was released today, see these links: > > https://lists.debian.org/debian-security-announce/2019/msg00010.html > https://security-tracker.debian.org/tracker/CVE-2019-3462 > https://justi.cz/security/2019/01/22/apt-rce.html? > > Since the vulnerability is in the package manager itself, updating is > non-trivial. > > Here is a small ansible playbook + script to update apt securely. It > only works on debian stable (stretch). > > https://gist.github.com/abeluck/67525909a17403060cd1722b53d57d00 > > commentary: yet another pretty good reason to use HTTPS apt sources by > default. any chance this vuln will change the zealots' mind? > > ~abel > > > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: [email protected] > -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
