Dell Latitude 2110 ships insecure apt configuration
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
base-files (Ubuntu) | Fix Released | High | Martin Pitt | |
Karmic | Fix Released | High | Martin Pitt | |
Lucid | Fix Released | High | Martin Pitt | |
Maverick | Fix Released | High | Martin Pitt | |
Bug Description
Binary package hint: base-files
The Dell Latitude 2110 factory pre-installed image is based on Ubuntu Netbook Remix 9.10. Due to a bug in the build process for this OEM image, a configuration variable which was thought to only affect the image build process actually affected installed systems. The live-helper option LH_APT_SECURE was set to "disabled". This resulted in the file /etc/apt/
APT::Get:
Aptitude:
The latter apt setting is the main concern. The setting includes "CmdLine". Not being an apt expert, I'm not sure whether this directly affects Synaptic or Update Manager; however, it does open the system up for command-line operations.
This has been blogged about:
http://
The plan is to match on the md5sum of the file if found, and delete it. I will attach the file and md5sum in a comment.
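The match-then-delete plan described above, sketched as an added example (not part of the original bug report and not the fix that shipped in base-files). The function names are hypothetical, the checksum is a placeholder because the page does not show the full value, and the two option names grepped for are the standard apt/aptitude trust overrides, assumed here since the description truncates the settings.

```shell
#!/bin/sh
# Added example. KNOWN_BAD_MD5 is a placeholder: the full checksum of the
# OEM file is not shown on the page.
KNOWN_BAD_MD5="${KNOWN_BAD_MD5:-REPLACE_WITH_FULL_MD5_OF_OEM_FILE}"

# remove_if_known_bad FILE EXPECTED_MD5
#   0 = file matched the known checksum and was deleted
#   1 = file not present (nothing to do)
#   2 = something is there but it is not the known OEM file; left for review
remove_if_known_bad() {
    file=$1
    expected=$2
    # A symlink is never the shipped OEM file; do not follow or delete it.
    if [ -L "$file" ]; then return 2; fi
    [ -e "$file" ] || return 1
    [ -f "$file" ] || return 2
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        rm -f -- "$file"
        return 0
    fi
    # An admin may have edited the file deliberately, so only exact matches go.
    return 2
}

# trust_overrides DIR
#   Print any remaining lines that switch off package signature checking.
#   Option names are an assumption (standard apt/aptitude trust overrides).
trust_overrides() {
    grep -rnE 'AllowUnauthenticated|Ignore-Trust-Violations' "$1" 2>/dev/null
}

# Demo on a scratch directory with constructed content (not the real OEM file).
# On a real system the call would be:
#   remove_if_known_bad /etc/apt/apt.conf.d/00secure "$KNOWN_BAD_MD5"
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'APT::Get::AllowUnauthenticated "true";' > "$d/00secure"
    sum=$(md5sum "$d/00secure" | cut -d' ' -f1)
    remove_if_known_bad "$d/00secure" "$sum" && echo "removed known-bad file"
    trust_overrides "$d" || echo "no trust overrides left"
    rm -rf "$d"
}
demo
```

Matching on the exact checksum means a file of the same name that a user created or edited is reported (return code 2) rather than silently deleted.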
Changed in base-files (Ubuntu Karmic):
status: New → Triaged
Changed in base-files (Ubuntu Lucid):
status: New → Triaged
Changed in base-files (Ubuntu Maverick):
status: New → Triaged
Changed in base-files (Ubuntu Karmic):
importance: Undecided → High
Changed in base-files (Ubuntu Lucid):
importance: Undecided → High
Changed in base-files (Ubuntu Maverick):
importance: Undecided → High
Changed in base-files (Ubuntu Maverick):
assignee: nobody → Martin Pitt (pitti)
Changed in base-files (Ubuntu Lucid):
assignee: nobody → Martin Pitt (pitti)
Changed in base-files (Ubuntu Karmic):
assignee: nobody → Martin Pitt (pitti)
visibility: private → public
Changed in base-files (Ubuntu Karmic):
status: Fix Released → Incomplete
Changed in base-files (Ubuntu Karmic):
status: Incomplete → Fix Released
Changed in base-files (Ubuntu):
status: Fix Released → New
Changed in base-files (Ubuntu):
status: New → Fix Released
steve@daphne:/media/foo/etc/apt/apt.conf.d$ md5sum 00secure 34ae7d20fa55580 a6 00secure
da402e2c3a805e2