Please support Valid-Until in release files for security.ubuntu.com
Bug #716535 reported by
Michael Vogt
This bug affects 10 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Confirmed
|
Low
|
Unassigned | ||
| Linux Mint |
New
|
Undecided
|
Unassigned | ||
Bug Description
Debian and apt have a new feature that we should support as well:
Valid-Until: header
This prevents "stale-proxy" attacks against our users. It means the Release file needs to get rewrite periodically even if there is nothing to publish. The client verifies after a update that it did the valid-until header is good (e.g. Valid-Until: Sat, 19 Feb 2011 21:32:12 UTC). Without that a attacker who controlls the network can just redirect traffic to a stale version of the archive and prevent the user from getting security updates.
| Changed in launchpad: | |
| status: | New → Triaged |
| importance: | Undecided → Low |
| tags: | added: feature releases |
| tags: |
added: soyuz-publish removed: releases |
| summary: |
- Please support InRelease files and Valid-Until in release files + Please support Valid-Until in release files for security.ubuntu.com |
| description: | updated |
Revision history for this message
| Michael Vogt (mvo) wrote | #1 |
Revision history for this message
| Michael Vogt (mvo) wrote | #2 |
Revision history for this message
| Jacob (jacob11) wrote | #3 |
Revision history for this message
| Alba Nader (sharepass12) wrote | #4 |
Revision history for this message
| chemicalfan (mike-lumsden) wrote | #5 |
Revision history for this message
| Seth Arnold (seth-arnold) wrote | #6 |
| Changed in launchpad: | |
| assignee: | nobody → Julian Andres Klode (juliank) |
| Changed in launchpad: | |
| status: | Triaged → In Progress |
| Changed in launchpad: | |
| assignee: | Julian Andres Klode (juliank) → nobody |
| status: | In Progress → Confirmed |
To post a comment you must log in.
Just to clarify a few points about this:
- initially we only need this for security.ubuntu.com
- every time there is a rewrite of the Release file make Valid-Until valid for two more weeks
- if there was no security update for a week regenerate the valid-until in the release file (and resign of course) and make it valid for 2 weeks again
- when a distro is EOL the Release file does not have to be updated anymore. the user will see errors that $distro-security is no longer valid, but that is ok, because its a valid error and the user is no longer secure