[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #29158 [Applications/Tor Browser]: Add fix for DSA 4371-1 (apt vulnerability)
#29158: Add fix for DSA 4371-1 (apt vulnerability)
-------------------------------------+-------------------------------------
Reporter: boklm | Owner: tbb-team
Type: defect | Status: new
Priority: High | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: TorBrowserTeam201901,
Severity: Normal | tbb-rbm
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
Debian announced yesterday an important security update for apt:
https://lists.debian.org/debian-security-announce/2019/msg00010.html
In `projects/debootstrap-image` we are downloading an Ubuntu 18.04.1
image, and doing an `apt-get update -y` in it before installing some
packages using an affected apt version.
To avoid this we could download updated apt packages and install them
using `dpkg -i`.
We should also check if the use of debootstrap is affected by the issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29158>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs