With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
View 9 Replies
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies View RelatedI'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies View RelatedDoes anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.
View 2 Replies View RelatedI'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies View RelatedAfter installing a number of security updates that were listed in the update manager, I can no longer run the "sudo firefox" command.
I got the error message:No protocol specified cannot open display
I found this thread: [url]
Through which I found that I am able to run "sudo firefox" after running:
HTML Code:
I realize this doesn't give you a lot to go on.
Question: Is there a way to view which updates were last installed on my system?
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
Just a week or so back when i run update manager I can no longer install any security updates - its all grey in the tick boxes.
How do I remedy this ?
After doing weekly recommended security update a problem occured, next system boot the network manager applet was missing from panel and I had two volume controls in its place. Logging into other user accounts network manager is there and working. How do I fix this? I have not got a clue! I use a usb hawaweii modem, working fine. Just main user account not net work manager. Im running 9.10 and it has not been a problem before.
View 4 Replies View RelatedTwice this week I've tried to download " Important security updates". Each time the response is:
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
[Code].....
I recently reported a bug in a package, which was fixed upstream and in the Debian package, but the bug was not security-related. The Debian settings on all of the computers is set to receive only the security updates. The other setting for proposed updates, is currently not enabled
Must Proposed Updates be enabled, in order to receive the non-security updates, including the update to the package in question?
What is the easiest and proper way to get security updates for slackware.
View 13 Replies View RelatedIs there a mailing list or an alert where I can subscribe to, so I know if there's critical or moderate patches I have to apply to my Centos 5 servers.
View 5 Replies View RelatedI installed ubuntu a few days ago, today I got like 250mb of security updates to I let them run, then restarted, now it keeps running in low graphics mode, everything looks rubbish and I have no desktop effects, the sound has also stopped working. Everything was great prior to this, I was beginning to love the switch from ms to ubuntu. The sound/video are both via hdmi so I am imagining its something to do with the graphics. I would wipe the system and start fresh but it took me so long to get my sound and wireless working.
View 4 Replies View RelatedI've recently installed the unattended-upgrades package on a few Ubuntu 9.04 servers, and it's working great to automatically install security upgrades. However, is there a way to have non-security upgrades automatically installed as well? The README for unattended-upgrades says it'll do security ones only.
My main goal is to have all package upgrades be installed unattended except for kernel and libc upgrades (I want to do those manually on my own time). I guess I could write a script that does 'apt-show-versions -u' to get a list of upgradable packages and then do 'apt-get install' on the packages if their names don't match linux-server, linux-image-server, or libc*, but I was hoping there's an easier way to accomplish this.
I've looked at 'aptitude safe-upgrade -y', but I think that'll install kernel and libc upgrades.
What's with todays updates? Webkit librarys and Firefox updates. Was there a security issue that's just recently been fixed? Just wondering, I'm obviously going to install them.
View 1 Replies View Relatedis it normal having several security updates week after week in a 10.04 ubuntu lts server distro? Some of them even need a system restart, which I consider truly bad for a web server...
View 1 Replies View RelatedI'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 1 Replies View Related...a malicious individual could damage or take control of your system"See: https://dl-web.dropbox.com/get/Publi...png?w=ae903921and: https://dl-web.dropbox.com/get/Publi...png?w=2c144a02So should I really go ahead and install the updates or what may have gone wrong at the Ubuntu repository?
View 9 Replies View Relatedhow safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies View RelatedIn the past i used OpenSUSE for a few months, in OpenSUSE all updates related to security labeled as "Security Update" like updates related to Firefox, unlike OpenSUSE in the Debian i did can't find a way to detect security updates.
View 5 Replies View RelatedI've been looking for an aptitude command to search for security updates. This information is being shown when running the screen. So far I reached to this command: aptitude search '~S ~VCANDIDATE ~Asecurity ~U' It looks like producing the correct results, but I still don't quite understand the how the filter (~S) command works.
View 3 Replies View RelatedI have been experiencing harassment with my websites being hacked so pardon me if this is an over-paranoid question.
Just recently started on FC11 after having abandoned Fedora for CentOS for a few months. So glad to be back, but...
I have been getting notices about security updates. When I click for the update, I am not asked for the root password and the update occurs.
My system went for three days w/o a software update... Is this normal(anyone experiencing this?)...?
It seems like to me.. Fedora 13 has a longer update interval than Fedora 12.. I remember back in Fedora 12 I get security updates like every other 12 hrs.. (I know as with security patches the less the "better"(in some way))..
But I am still concerned.. security updates has been slow for me.
I'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 5 Replies View RelatedI've a server, and I want to drop all the traffic going out with other source port than 80 (apache) and 22(ssh). The reason is I want to prevent my machine sending packets I don't know (i.e. my server scanning networks or making DDOS attacks without my knowledge). The problem are the updates. If I do what I've said, the updates will not work. I want to allow updates, so I need to let DNS traffic (port 53) and the traffic of the updates to go out.
The problem is the source port. This traffic uses a dynamic port (I think like HTTP). Is there any way to specify a source port to do this? If a have a static port to do this, I would drop all the traffic going out with other port than 22,53,80 and this port.
I looked at the security adviseries page on slackware.org, and noticed only 1 listing for 2010. I'm currently using alien bob's slackware-current script to make a dvd iso (x86_64.) So is this patch already applied or what? How do I go about maintaining a secure system from here? I've tried to search for clues about this but I'm a little confused (very new to slackware,) so I apologize if this question has been answered many times. Also, when a security advisery arrives, do I need to download the updated package? Or can I simply find a patch from a single source and download / apply them? What would you do concerning this issue? I guess easily applying security updates is where debian shines. I'm really starting to like Slackware though, I must admit.
View 2 Replies View RelatedI have been forbidden to enable automatic updates on our Ubuntu servers, for both security and regular packages.When I log into any of my four Ubuntu servers, the welcome message contains this:
39 packages can be updated.
26 updates are security updates.
However, when I run the Nagios plugin that monitors APT, I get:
% /usr/lib/nagios/plugins/check_apt
APT WARNING: 33 packages available for upgrade (0 critical updates).
I need to know how to properly detect that there are pending security updates, and regular updates. Once I can do that, I plan to write a Nagios script that will return WARNING for pending regular updates, and CRITICAL for pending security updates.
