Date | Who | What changed | Old value | New value | Message
2014-06-17 00:46:59 | Seth Arnold | bug | | | added bug
2014-06-17 00:47:25 | Seth Arnold | bug task added | | unity-scope-click (Ubuntu) |
2014-06-17 03:08:33 | dobey | bug task added | | click-package-index |
2014-06-17 19:47:02 | Martin Albisetti | click-package-index: assignee | | Ricardo Kirkner (ricardokirkner) |
2014-06-17 20:12:44 | Ricardo Kirkner | bug | | | added subscriber Ricardo Kirkner
2014-06-17 20:12:47 | Alejandro J. Cura | unity-scope-click (Ubuntu): assignee | | Alejandro J. Cura (alecu) |
2014-06-23 15:02:33 | Ricardo Kirkner | affects | click-package-index | software-center-agent |
2014-07-08 14:44:02 | Alejandro J. Cura | bug task added | | ubuntu-system-settings (Ubuntu) |
2014-07-08 15:53:06 | Sebastien Bacher | tags | | updates |
2014-07-14 07:54:26 | Michael Vogt | branch linked | | lp:~mvo/click/debsigs-verify |
2014-07-15 08:49:57 | Michael Vogt | click (Ubuntu): status | New | In Progress |
2014-07-15 08:50:01 | Michael Vogt | click (Ubuntu): importance | Undecided | High |
2014-07-16 21:17:38 | Pat McGowan | ubuntu-system-settings (Ubuntu): importance | Undecided | High |
2014-07-16 21:17:38 | Pat McGowan | ubuntu-system-settings (Ubuntu): status | New | Triaged |
2014-07-16 21:17:38 | Pat McGowan | ubuntu-system-settings (Ubuntu): assignee | | Diego Sarmentero (diegosarmentero) |
2014-07-16 21:17:56 | Pat McGowan | tags | updates | rtm14 updates |
2014-07-22 17:21:02 | dobey | unity-scope-click (Ubuntu): importance | Undecided | High |
2014-07-23 14:25:40 | Ricardo Kirkner | bug task added | | unity-scope-click |
2014-07-23 14:27:26 | Ricardo Kirkner | bug task added | | click-package-index |
2014-07-23 14:28:02 | Ricardo Kirkner | click-package-index: assignee | | James Tait (jamestait) |
2014-08-01 18:03:41 | Ubuntu One Auto Pilot | click-package-index: status | New | Fix Committed |
2014-08-03 21:53:41 | James Tait | click-package-index: assignee | James Tait (jamestait) | |
2014-08-04 17:55:39 | Ricardo Kirkner | software-center-agent: status | New | In Progress |
2014-08-04 18:04:11 | Ricardo Kirkner | software-center-agent: status | In Progress | Fix Committed |
2014-08-12 16:44:34 | Colin Watson | click (Ubuntu): assignee | | Michael Vogt (mvo) |
2014-08-12 18:05:08 | Launchpad Janitor | branch linked | | lp:click/devel |
2014-08-13 14:49:11 | Launchpad Janitor | branch linked | | lp:~alecu/unity-scope-click/verify-sha512 |
2014-08-13 14:50:08 | Alejandro J. Cura | unity-scope-click (Ubuntu): status | New | In Progress |
2014-08-13 15:03:00 | Ricardo Kirkner | software-center-agent: status | Fix Committed | Fix Released |
2014-08-15 20:17:02 | Ricardo Kirkner | click-package-index: status | Fix Committed | Fix Released |
2014-08-19 18:21:21 | PS Jenkins bot | unity-scope-click: status | New | Fix Committed |
2014-08-19 21:20:40 | Alejandro J. Cura | unity-scope-click (Ubuntu): status | In Progress | Fix Committed |
2014-08-21 22:48:23 | Launchpad Janitor | branch linked | | lp:ubuntu/utopic-proposed/unity-scope-click |
2014-08-21 23:57:25 | Launchpad Janitor | unity-scope-click (Ubuntu): status | Fix Committed | Fix Released |
2014-08-22 14:18:31 | Launchpad Janitor | branch linked | | lp:ubuntu/utopic-proposed/click |
2014-08-22 19:07:42 | Launchpad Janitor | click (Ubuntu): status | In Progress | Fix Released |
2014-08-25 12:25:17 | Jamie Strandboge | ubuntu-system-settings (Ubuntu): status | Triaged | Incomplete |
2014-08-25 12:43:20 | Alejandro J. Cura | ubuntu-system-settings (Ubuntu): status | Incomplete | Triaged |
2014-09-26 13:05:57 | Alejandro J. Cura | ubuntu-system-settings (Ubuntu): importance | High | Critical |
2014-09-26 15:03:50 | Pat McGowan | tags | rtm14 updates | rtm14 touch-2014-10-09 updates |
2014-09-29 12:41:45 | Diego Sarmentero | ubuntu-system-settings (Ubuntu): status | Triaged | In Progress |
2014-09-30 14:41:33 | Launchpad Janitor | branch linked | | lp:~diegosarmentero/ubuntu-system-settings/check-hash |
2014-10-10 19:30:26 | Pat McGowan | tags | rtm14 touch-2014-10-09 updates | rtm14 touch-2014-10-16 updates |
2014-10-16 18:22:37 | Olli Ries | tags | rtm14 touch-2014-10-16 updates | rtm14 touch-2014-10-23 updates |
2014-10-22 21:54:35 | Victor Tuson Palau | tags | rtm14 touch-2014-10-23 updates | ota-1 rtm14 updates |
2014-11-14 16:10:15 | dobey | bug task deleted | unity-scope-click | |
2014-11-14 16:17:44 | Thomas Strehl | ubuntu-system-settings (Ubuntu): assignee | Diego Sarmentero (diegosarmentero) | Sebastien Bacher (seb128) |
2014-11-14 16:27:40 | Sebastien Bacher | ubuntu-system-settings (Ubuntu): assignee | Sebastien Bacher (seb128) | |
2014-11-14 16:44:24 | Pat McGowan | ubuntu-system-settings (Ubuntu): assignee | | Ken VanDine (ken-vandine) |
2014-11-26 19:02:27 | Olli Ries | canonical-devices-system-image: importance | Undecided | High |
2014-11-26 19:02:27 | Olli Ries | canonical-devices-system-image: status | New | Confirmed |
2014-11-26 19:02:27 | Olli Ries | canonical-devices-system-image: milestone | | r1 |
2014-11-26 19:02:27 | Olli Ries | canonical-devices-system-image: assignee | | Canonical Devices Products (canonical-devices-products-team) |
2015-01-16 17:18:13 | peterstan | ubuntu-system-settings (Ubuntu): status | In Progress | New |
2015-01-16 17:18:29 | peterstan | ubuntu-system-settings (Ubuntu): status | New | Confirmed |
2015-01-16 17:18:38 | peterstan | ubuntu-system-settings (Ubuntu): assignee | Ken VanDine (ken-vandine) | peterstan (stasnel) |
2015-01-16 18:16:51 | Pat McGowan | canonical-devices-system-image: milestone | ww51-2014 | ww05-2015 |
2015-01-16 18:18:38 | Pat McGowan | ubuntu-system-settings (Ubuntu): assignee | peterstan (stasnel) | Sebastien Bacher (seb128) |
2015-01-16 18:23:15 | Pat McGowan | ubuntu-system-settings (Ubuntu): assignee | Sebastien Bacher (seb128) | Manuel de la Peña (mandel) |
2015-01-21 19:32:10 | Ken VanDine | bug task added | | ubuntu-system-settings (Ubuntu RTM) |
2015-01-21 19:32:24 | Ken VanDine | ubuntu-system-settings (Ubuntu RTM): status | New | Confirmed |
2015-01-21 19:32:27 | Ken VanDine | ubuntu-system-settings (Ubuntu RTM): importance | Undecided | Critical |
2015-01-21 19:32:40 | Ken VanDine | ubuntu-system-settings (Ubuntu RTM): assignee | | Manuel de la Peña (mandel) |
2015-01-23 11:00:59 | Launchpad Janitor | branch linked | | lp:~mandel/ubuntu-download-manager/check-hash |
2015-01-23 11:04:49 | Manuel de la Peña | branch linked | | lp:~mandel/ubuntu-system-settings/check-hash |
2015-01-23 19:42:55 | Launchpad Janitor | branch linked | | lp:ubuntu/vivid-proposed/ubuntu-system-settings |
2015-01-23 20:27:48 | Launchpad Janitor | ubuntu-system-settings (Ubuntu): status | Confirmed | Fix Released |
2015-01-23 21:50:25 | Launchpad Janitor | branch linked | | lp:~ken-vandine/ubuntu-system-settings/rtm-check-hash |
2015-01-24 21:00:50 | Ken VanDine | ubuntu-system-settings (Ubuntu): status | Fix Released | In Progress |
2015-01-28 15:34:12 | Pat McGowan | canonical-devices-system-image: status | Confirmed | In Progress |
2015-01-28 15:34:17 | Pat McGowan | canonical-devices-system-image: milestone | ww05-2015 | ww07-2015 |
2015-02-12 20:20:22 | Pat McGowan | canonical-devices-system-image: milestone | ww07-2015 | ww09-2015 |
2015-02-12 20:20:22 | Pat McGowan | canonical-devices-system-image: assignee | Canonical Devices Products (canonical-devices-products-team) | Bill Filler (bfiller) |
2015-02-12 21:30:04 | Ken VanDine | bug task added | | ubuntu-download-manager (Ubuntu) |
2015-02-12 21:30:25 | Ken VanDine | bug task added | | ubuntu-download-manager (Ubuntu RTM) |
2015-02-12 21:30:40 | Ken VanDine | ubuntu-download-manager (Ubuntu RTM): importance | Undecided | Critical |
2015-02-12 21:30:44 | Ken VanDine | ubuntu-download-manager (Ubuntu): importance | Undecided | Critical |
2015-02-12 21:30:52 | Ken VanDine | ubuntu-download-manager (Ubuntu RTM): status | New | Confirmed |
2015-02-12 21:30:54 | Ken VanDine | ubuntu-download-manager (Ubuntu): status | New | Confirmed |
2015-02-12 21:31:04 | Ken VanDine | ubuntu-download-manager (Ubuntu): assignee | | Manuel de la Peña (mandel) |
2015-02-12 21:31:14 | Ken VanDine | ubuntu-download-manager (Ubuntu RTM): assignee | | Manuel de la Peña (mandel) |
2015-02-26 16:09:26 | Manuel de la Peña | branch linked | | lp:~mandel/ubuntu-download-manager/general-errors |
2015-02-26 16:09:47 | Manuel de la Peña | branch linked | | lp:~mandel/ubuntu-download-manager/general-errors-rtm |
2015-03-10 19:24:35 | Pat McGowan | canonical-devices-system-image: milestone | ww09-2015 | ww11-2015 |
2015-03-10 19:29:47 | Pat McGowan | canonical-devices-system-image: milestone | ww11-2015 | ww13-2015 |
2015-03-10 19:30:06 | Pat McGowan | bug task deleted | ubuntu-download-manager (Ubuntu RTM) | |
2015-03-10 19:30:14 | Pat McGowan | bug task deleted | ubuntu-system-settings (Ubuntu RTM) | |
2015-04-09 02:00:57 | Bill Filler | canonical-devices-system-image: assignee | Bill Filler (bfiller) | Ricardo Salveti (rsalveti) |
2015-04-09 02:01:03 | Bill Filler | canonical-devices-system-image: milestone | ww13-2015 | ww17-2015 |
2015-04-14 13:25:06 | Ricardo Salveti | canonical-devices-system-image: assignee | Ricardo Salveti (rsalveti) | Canonical Phone Foundations (canonical-phonedations-team) |
2015-04-30 22:08:05 | Pat McGowan | canonical-devices-system-image: milestone | ww17-2015 | ww21-2015 |
2015-06-10 18:35:07 | Pat McGowan | canonical-devices-system-image: milestone | ww21-2015 | ww26-2015 |
2015-06-10 18:35:07 | Pat McGowan | canonical-devices-system-image: assignee | Canonical Phone Foundations (canonical-phonedations-team) | John McAleely (john.mcaleely) |
2015-07-07 17:39:06 | Pat McGowan | canonical-devices-system-image: milestone | ww26-2015 | ww34-2015 |
2015-07-23 16:33:42 | Launchpad Janitor | branch linked | | lp:~ubuntu-branches/ubuntu/wily/ubuntu-download-manager/wily-proposed |
2015-07-31 19:09:36 | Pat McGowan | canonical-devices-system-image: status | In Progress | Fix Committed |
2015-08-31 15:18:06 | Pat McGowan | canonical-devices-system-image: status | Fix Committed | Fix Released |
2015-12-11 01:19:38 | Colin Watson | branch unlinked | lp:click/devel | |
2016-04-07 13:42:15 | Jonas G. Drange | ubuntu-system-settings (Ubuntu): status | In Progress | Fix Released |
2019-03-29 11:57:16 | smith leeza | summary | click packages rely upon tls for integrity and authenticity | Indications of Anxiety Disorder and Depression |
2019-03-29 11:57:42 | smith leeza | description | [old value below] | [new value below] |

  Old value:
  Hello, I just completed a quick review of the click source and the unity-scope-click source and behaviours, and found some opportunities for improvement.
  Debian, and Ubuntu, rely upon signed repository files with cryptographic hashes of packages to provide both integrity and authenticity checks for the packages hosted on that repository.
  The click framework and the unity-scope-click discovery and installation tool do not use signed repository files, nor do they have signatures of any sort on downloaded packages. The only integrity and authenticity checks are provided by the use of HTTPS. The click verify command will check files within the archive against MD5sums stored inside the archive, but the click verify command is not used during package installation. (This is suitable for validating integrity against accidental changes only.)
  While it appears that unity-scope-click properly uses HTTPS to download package metadata and packages, HTTPS alone is insufficient for our needs:
  - Someone in a position to create new certificates at any of several hundred certificate authorities could create certificates purporting to be our update servers. This actual problem has been discovered in the wild, with several certificate authorities issuing wild-card certificates or even certificates with signing authority.
  - X.509 is extremely complicated; TLS is extremely complicated. Flaws in both are inevitable.
  - HTTPS prevents the use of caching.
  - HTTPS only 'works' for data-in-motion; it is useless for data-at-rest integrity and authenticity checks.
  I have not yet reviewed the tools that application authors will use to upload their packages to our distribution servers, but note in passing that most of these issues are also issues for adding packages to our update servers -- packages in flight within our network can be corrupted for many reasons, and packages on disk can be corrupted for many reasons. A signature mechanism can protect against internal network faults and storage faults, and provide assurance months or years later that an uploaded package was uploaded by someone in control of a corresponding private key.
  Thanks

  New value:
  Hello, I just completed a quick review of the click source and the unity-scope-click source and behaviours, and found some opportunities for improvement.
  https://usapillspharma.com/
  Debian, and Ubuntu, rely upon signed repository files with cryptographic hashes of packages to provide both integrity and authenticity checks for the packages hosted on that repository.
  The click framework and the unity-scope-click discovery and installation tool do not use signed repository files, nor do they have signatures of any sort on downloaded packages. The only integrity and authenticity checks are provided by the use of HTTPS. The click verify command will check files within the archive against MD5sums stored inside the archive, but the click verify command is not used during package installation. (This is suitable for validating integrity against accidental changes only.)
  While it appears that unity-scope-click properly uses HTTPS to download package metadata and packages, HTTPS alone is insufficient for our needs:
  - Someone in a position to create new certificates at any of several hundred certificate authorities could create certificates purporting to be our update servers. This actual problem has been discovered in the wild, with several certificate authorities issuing wild-card certificates or even certificates with signing authority.
  - X.509 is extremely complicated; TLS is extremely complicated. Flaws in both are inevitable.
  - HTTPS prevents the use of caching.
  - HTTPS only 'works' for data-in-motion; it is useless for data-at-rest integrity and authenticity checks.
  I have not yet reviewed the tools that application authors will use to upload their packages to our distribution servers, but note in passing that most of these issues are also issues for adding packages to our update servers -- packages in flight within our network can be corrupted for many reasons, and packages on disk can be corrupted for many reasons. A signature mechanism can protect against internal network faults and storage faults, and provide assurance months or years later that an uploaded package was uploaded by someone in control of a corresponding private key.
  Thanks

2019-03-29 12:18:43 | Colin Watson | summary | Indications of Anxiety Disorder and Depression | click packages rely upon tls for integrity and authenticity |
2019-03-29 12:18:54 | Colin Watson | description | [old value below] | [new value below] |

  Old value:
  (the vandalised description with the inserted spam link, identical to the new value of the previous description entry)

  New value:
  (the original description restored, identical to the old value of the previous description entry)

2022-07-26 07:46:05 | Luís Infante da Câmara | ubuntu-download-manager (Ubuntu): status | Confirmed | Fix Released |
2022-07-26 14:13:29 | Brian Murray | ubuntu-download-manager (Ubuntu Vivid): status | New | Won't Fix |
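The bug description recorded above makes two points that are easy to conflate: an MD5sums list stored inside the archive only detects accidental corruption, because whoever can rewrite the archive can rewrite the list too, while a hash obtained out of band (from the package index, the approach the check-hash and verify-sha512 branches linked in the log were named after) catches a substituted package. The following is an added illustration written for this page, not code from click, unity-scope-click, ubuntu-download-manager or any of the linked branches. The archive layout is a constructed toy (a dict of member name to bytes plus an `md5sums` member), and the member names and contents are invented; the only real formats borrowed are the `<md5 hex>  <path>` line layout of Debian-style md5sums files and SHA-512 as the out-of-band digest.

```python
# Added example for this page, not taken from click or unity-scope-click.
# The archive is a constructed toy: a dict of member name -> bytes, with an
# 'md5sums' member mirroring the in-archive check that 'click verify' does.
import hashlib
import hmac


def build_archive(members: dict[str, bytes]) -> dict[str, bytes]:
    """Pack members and add an md5sums manifest listing each member's MD5 in
    the '<hex digest>  <path>' layout used by Debian-style md5sums files."""
    lines = [f"{hashlib.md5(data).hexdigest()}  {name}"
             for name, data in sorted(members.items())]
    archive = dict(members)
    archive["md5sums"] = ("\n".join(lines) + "\n").encode()
    return archive


def verify_internal_md5sums(archive: dict[str, bytes]) -> bool:
    """Integrity check using only data inside the archive: every member must
    match the md5sums manifest shipped alongside it. Anyone who can rewrite
    the members can regenerate the manifest, so this detects accidents, not
    substitution."""
    manifest = archive.get("md5sums")
    if manifest is None:
        return False
    expected: dict[str, str] = {}
    for line in manifest.decode().splitlines():
        digest, sep, name = line.partition("  ")
        if not sep or not name:
            return False
        expected[name] = digest
    members = {n for n in archive if n != "md5sums"}
    if set(expected) != members:          # added or missing files
        return False
    return all(hmac.compare_digest(hashlib.md5(archive[n]).hexdigest(), d)
               for n, d in expected.items())


def serialize(archive: dict[str, bytes]) -> bytes:
    """Deterministic byte image of the toy archive: the blob that would be
    downloaded and hashed. Member names contain no NUL, so NUL separates the
    name from a 4-byte big-endian length followed by the member data."""
    out = bytearray()
    for name, data in sorted(archive.items()):
        out += name.encode() + b"\0" + len(data).to_bytes(4, "big") + data
    return bytes(out)


def publish(archive: dict[str, bytes]) -> tuple[bytes, str]:
    """Server side: the package blob plus the SHA-512 the index advertises."""
    blob = serialize(archive)
    return blob, hashlib.sha512(blob).hexdigest()


def verify_download(blob: bytes, index_sha512: str) -> bool:
    """Client side: compare the downloaded bytes against the digest obtained
    out of band (the package index). A substituted package cannot pass this
    unless the index entry was substituted as well."""
    return hmac.compare_digest(hashlib.sha512(blob).hexdigest(), index_sha512)


def evaluate(archive: dict[str, bytes], index_sha512: str) -> tuple[bool, bool]:
    """(in-archive md5sums check, out-of-band SHA-512 check) for one candidate."""
    return (verify_internal_md5sums(archive),
            verify_download(serialize(archive), index_sha512))


def demo() -> dict[str, tuple[bool, bool]]:
    """Run the three cases the bug description distinguishes (constructed data)."""
    genuine = build_archive({
        "manifest.json": b'{"name": "com.example.demo", "version": "1.0"}',
        "bin/demo": b"#!/bin/sh\necho genuine\n",
    })
    _blob, index_sha512 = publish(genuine)

    # Accidental corruption: one bit flipped in a member after packing.
    damaged = dict(genuine)
    body = bytearray(damaged["bin/demo"])
    body[-2] ^= 0x01
    damaged["bin/demo"] = bytes(body)

    # Substitution: a different payload with a freshly generated md5sums
    # manifest, so the archive is internally consistent.
    substituted = build_archive({
        "manifest.json": genuine["manifest.json"],
        "bin/demo": b"#!/bin/sh\necho replaced\n",
    })

    return {
        "genuine": evaluate(genuine, index_sha512),
        "damaged": evaluate(damaged, index_sha512),
        "substituted": evaluate(substituted, index_sha512),
    }


if __name__ == "__main__":
    for case, (internal_ok, external_ok) in demo().items():
        print(f"{case:12s} md5sums-in-archive={internal_ok!s:5s} index-sha512={external_ok}")
```

Running `demo()` gives `(True, True)` for the genuine package, `(False, False)` for the bit-flipped one, and `(True, False)` for the substituted one: the in-archive manifest is perfectly consistent with the replaced contents, and only the digest held outside the package notices. This is also why the description asks for signatures rather than hashes alone: the out-of-band digest is only as trustworthy as the channel that delivered it, so with HTTPS as the sole protection the index entry and the package can be substituted together.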