should use HTTPS

Bug #1739838 reported by Ryan Finnie on 2017-12-22
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tzsetup (Ubuntu)

Bug Description allows for HTTPS now; tzsetup/geoip_server should use to prevent MITM location information disclosure.

A complication is the d-i server variant (possibly others, but not e.g. desktop LiveCD) do not appear to have a certificate store, so wget will fail against this. I *think* pulling in ca-certificates-udeb would solve this, but I haven't been able to test.

Note also that ubiquity uses geoname-lookup for city searching; that is covered by .

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers