*** This bug is a duplicate of bug 346386 ***
https://bugs.launchpad.net/bugs/346386
That's cool. I don't know enough about how update-manager works to be
sure, but it seemed to me that if the wrong person could get an update
request redirected to his own site, the way the hotel redirected mine to
theirs, he could supply hacked "updates" of stuff that runs as root, and
thus take over your system. So I flagged it just in case.
If that's not an issue, great.
On 07/27/2012 04:09 PM, Tyler Hicks wrote:
> Thanks for taking the time to report this bug and helping to make Ubuntu
> better. We appreciate the difficulties you are facing, but this appears
> to be a "regular" (non-security) bug. I have unmarked it as a security
> issue since this bug does not show evidence of allowing attackers to
> cross privilege boundaries nor directly cause loss of data/privacy.
> Please feel free to report any other bugs you may find.
>
> ** Visibility changed to: Public
>
> ** This bug is no longer flagged as a security vulnerability
>
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1030027
Title:
update-manager corrupts package information behind paywall
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1030027/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
