Ubuntu
ubiquity package

ubuntu installed through wubi have security updates disabled

Bug #326565 reported by Meigs
256
Affects Status Importance Assigned to Milestone
apt-setup (Ubuntu)
Confirmed
Wishlist
Unassigned
ubiquity (Ubuntu)
Invalid
Low
Unassigned

Bug Description

Many people who use Wubi, I would imagine, are new to Linux. They will, therefor, probably not know about Software Sources. I think in Wubi, Security updates should be activated by default.

Revision history for this message
Hollman Enciso (hollman) wrote :

this is true but it is not a bug, it's more of a recommendation. "wishlist"

Revision history for this message
David Stansby (dstansby-deactivatedaccount) wrote :

This doesn't sound much like a bug. Try posting your idea at http://brainstorm.ubuntu.com/, so developers can have a look at it a see if they want to include it in future releases.

Revision history for this message
Saivann Carignan (oxmosys) wrote :

I confirm this bug report for intrepid. I couldn't test jaunty has wubi isn't ready for it yet.

The initial reporter didn't ask for "pre-installation" of security updates. He was refering to the fact that security updates are disabled after the installation (intrepid-security repository disabled). Shipping ubuntu with security updates disabled is definitively a bug. Since it lead a lot of un-experienced users without any updates against new security flaws, I also think that it needs to be considered seriously by the ubuntu security team.

I'm attaching the /etc/apt/sources.list file of a fresh installation of intrepid through wubi. This file not only demonstrate that intrepid-security is commented but it contains the same installation warning 5 times :

# Line commented out by installer because it failed to verify:
#deb http://security.ubuntu.com/ubuntu intrepid-security main restricted

Revision history for this message
Saivann Carignan (oxmosys) wrote :
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Resetting priority to Wishlist. While it would be nice if -security were enabled, the sources.list provided contains -updates, which gets all security updates after a short lag.

Changed in ubiquity:
importance: High → Wishlist
Revision history for this message
Saivann Carignan (oxmosys) wrote :

Jamie Strandboge : Thanks for the clarification about -updates and -security, I didn't know that security updates always get into -updates after some time. However, wishlist seems wrong to me since it's a bug and not a feature request, low or medium would be more appropriate IMO.

Jamie Strandboge (jdstrand)
Changed in ubiquity:
importance: Wishlist → Low
Revision history for this message
Evan (ev) wrote :

I agree with Hollman, I think this is a feature request and not a bug. However ubiquity is not the correct place for it as filling out sources.list is handled by apt-setup, so I'm moving it there.

Changed in ubiquity:
status: Confirmed → Invalid
Revision history for this message
Evan (ev) wrote :

I'd also suggest that if a change like this be made at all, that it be made irregardless of installation method, as new users are not just confined to Wubi.

You should probably raise the issue on <email address hidden>.

Changed in apt-setup:
importance: Undecided → Wishlist
status: New → Confirmed
Revision history for this message
Saivann Carignan (oxmosys) wrote :

As much as I don't understand how this can be considered as a feature request and not a bug, I accept your decision and I'll follow your suggestion (bring the issue to the ubuntu-devel mailing list).

Revision history for this message
Wouter Stomp (wouterstomp-deactivatedaccount) wrote :

This is probably a duplicate of bug 256098

Revision history for this message
Saivann Carignan (oxmosys) wrote :

Wouter Stomp : Good catch, thanks!

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.