Ubuntu Security :: "Software Updates Can't Be Authenticated?
Apr 24, 2011
...a malicious individual could damage or take control of your system"See: https://dl-web.dropbox.com/get/Publi...png?w=ae903921and: https://dl-web.dropbox.com/get/Publi...png?w=2c144a02So should I really go ahead and install the updates or what may have gone wrong at the Ubuntu repository?
View 9 Replies
ADVERTISEMENT
Jan 2, 2011
I was planning to re-install ufw. When I selected it and then install in Synaptic Package Manager a box appeared saying ufw was not authenticated.
View 2 Replies
View Related
Apr 16, 2010
I want to limit what a authenticated user can do on my Linux server. I've set the default shell to rbash, but I know a knowledgeable user can switch shells. Can I use file permissions to deny execution rights to /bin/bash to anyone who is not in a particular group? And if that works, how do I find out what other shells are installed on my server (Ubuntu 9.10)?
View 7 Replies
View Related
Mar 25, 2011
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
View 2 Replies
View Related
Apr 2, 2010
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies
View Related
Aug 14, 2010
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
View 2 Replies
View Related
Oct 25, 2010
With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
View 9 Replies
View Related
Apr 8, 2010
Does anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
View 9 Replies
View Related
Aug 25, 2010
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies
View Related
Jan 2, 2010
Just a week or so back when i run update manager I can no longer install any security updates - its all grey in the tick boxes.
How do I remedy this ?
View 5 Replies
View Related
Jun 4, 2010
After doing weekly recommended security update a problem occured, next system boot the network manager applet was missing from panel and I had two volume controls in its place. Logging into other user accounts network manager is there and working. How do I fix this? I have not got a clue! I use a usb hawaweii modem, working fine. Just main user account not net work manager. Im running 9.10 and it has not been a problem before.
View 4 Replies
View Related
Jul 29, 2011
Twice this week I've tried to download " Important security updates". Each time the response is:
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
[Code].....
View 6 Replies
View Related
Mar 27, 2010
I installed ubuntu a few days ago, today I got like 250mb of security updates to I let them run, then restarted, now it keeps running in low graphics mode, everything looks rubbish and I have no desktop effects, the sound has also stopped working. Everything was great prior to this, I was beginning to love the switch from ms to ubuntu. The sound/video are both via hdmi so I am imagining its something to do with the graphics. I would wipe the system and start fresh but it took me so long to get my sound and wireless working.
View 4 Replies
View Related
May 25, 2010
I've recently installed the unattended-upgrades package on a few Ubuntu 9.04 servers, and it's working great to automatically install security upgrades. However, is there a way to have non-security upgrades automatically installed as well? The README for unattended-upgrades says it'll do security ones only.
My main goal is to have all package upgrades be installed unattended except for kernel and libc upgrades (I want to do those manually on my own time). I guess I could write a script that does 'apt-show-versions -u' to get a list of upgradable packages and then do 'apt-get install' on the packages if their names don't match linux-server, linux-image-server, or libc*, but I was hoping there's an easier way to accomplish this.
I've looked at 'aptitude safe-upgrade -y', but I think that'll install kernel and libc upgrades.
View 3 Replies
View Related
Oct 23, 2010
What's with todays updates? Webkit librarys and Firefox updates. Was there a security issue that's just recently been fixed? Just wondering, I'm obviously going to install them.
View 1 Replies
View Related
Nov 18, 2010
is it normal having several security updates week after week in a 10.04 ubuntu lts server distro? Some of them even need a system restart, which I consider truly bad for a web server...
View 1 Replies
View Related
Mar 7, 2011
I'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 1 Replies
View Related
Jul 17, 2011
how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies
View Related
Sep 3, 2011
I recently reported a bug in a package, which was fixed upstream and in the Debian package, but the bug was not security-related. The Debian settings on all of the computers is set to receive only the security updates. The other setting for proposed updates, is currently not enabled
Must Proposed Updates be enabled, in order to receive the non-security updates, including the update to the package in question?
View 4 Replies
View Related
Jun 20, 2011
What is the easiest and proper way to get security updates for slackware.
View 13 Replies
View Related
Dec 2, 2009
Is there a mailing list or an alert where I can subscribe to, so I know if there's critical or moderate patches I have to apply to my Centos 5 servers.
View 5 Replies
View Related
Oct 15, 2010
I have been forbidden to enable automatic updates on our Ubuntu servers, for both security and regular packages.When I log into any of my four Ubuntu servers, the welcome message contains this:
39 packages can be updated.
26 updates are security updates.
However, when I run the Nagios plugin that monitors APT, I get:
% /usr/lib/nagios/plugins/check_apt
APT WARNING: 33 packages available for upgrade (0 critical updates).
I need to know how to properly detect that there are pending security updates, and regular updates. Once I can do that, I plan to write a Nagios script that will return WARNING for pending regular updates, and CRITICAL for pending security updates.
View 1 Replies
View Related
Jan 13, 2010
Why can't Ubuntu store configuration information in a way that it wouldn't need to be clobbered in order to apply security updates? For example, this mornings updates told me I had to choose between using a new version of smb.conf that's part of the security patches, stick with the old version, or let the update installer merge them. Of course, the first two choices have obvious drawbacks: why should I have to choose between losing all my SMB settings or refusing security fixes? So I chose the merge, which came back with "Conflicts found during three-way merge! edit `/etc/samba/smb.conf' and sort them out manually."
View 5 Replies
View Related
May 8, 2010
Is there a way to make Clam update the signatures automatically? I cannot see an option in Clam TK.
View 1 Replies
View Related
Jul 7, 2010
I'm completely new to Ubuntu and only installed yesterday for the first time. The install worked fine. After booting it asked me to install updates. I did this and now when I boot i get:
Gave up waiting for root device. Common Problems:
- Boot args (cat /proc/cmdline)
- Check rootdelay= (did the system wait long enough)
- Check root= (did the system wait for the right device)
- Missing modules (cat /proc/modules: ls /dev)
ALERT! /dev/disk/by-uuid/blah blah does not exist. Dropping to a shell Now I've tried searching through the forums and I've seen people with similar problems however none of the solutions suggested to them have worked. The only thing that may work if it is explained to me how to do it is in Grub 2 it is looking for a UUID. Now I tried editing this on startup to /dev/sda5 instead and it loads. Only thing is I read that this is temporary and would have to do it each time which means it's a workaround not a solution. As I explained at the start, first time of using Ubuntu and so far haven't been particularly impressed as I have another problem with the processor being used up by loads of 'udevd
View 8 Replies
View Related
Apr 22, 2011
A few weeks ago I did a WUBI 10.04 LTS install on a Windows XP desktop that went perfect. System ran great until this morning. I was prompted to install "Security Updates", which I allowed the system to do, but thereafter was unable to boot. What happens is at the point of selecting either Windows or Ubuntu for booting, and I choose Ubuntu, the computer goes right back into a re-boot process and brings me back to the Windows/Ubuntu boot selection prompt. It doesn't even bring me into the secondary boot level of asking which type of Ubuntu boot I want (generic, etc.). Is there a solution for this problem besides reinstalling Ubuntu?
View 1 Replies
View Related
Jul 20, 2015
In the past i used OpenSUSE for a few months, in OpenSUSE all updates related to security labeled as "Security Update" like updates related to Firefox, unlike OpenSUSE in the Debian i did can't find a way to detect security updates.
View 5 Replies
View Related
Apr 30, 2010
I've been looking for an aptitude command to search for security updates. This information is being shown when running the screen. So far I reached to this command: aptitude search '~S ~VCANDIDATE ~Asecurity ~U' It looks like producing the correct results, but I still don't quite understand the how the filter (~S) command works.
View 3 Replies
View Related
Nov 14, 2009
I have been experiencing harassment with my websites being hacked so pardon me if this is an over-paranoid question.
Just recently started on FC11 after having abandoned Fedora for CentOS for a few months. So glad to be back, but...
I have been getting notices about security updates. When I click for the update, I am not asked for the root password and the update occurs.
View 12 Replies
View Related
Oct 4, 2010
My system went for three days w/o a software update... Is this normal(anyone experiencing this?)...?
It seems like to me.. Fedora 13 has a longer update interval than Fedora 12.. I remember back in Fedora 12 I get security updates like every other 12 hrs.. (I know as with security patches the less the "better"(in some way))..
But I am still concerned.. security updates has been slow for me.
View 3 Replies
View Related