[Bug 1196801] [NEW] on updating from untrusted sources, the default is to continue

Jeff Abrahamson 1196801 at bugs.launchpad.net
Tue Jul 2 05:58:24 UTC 2013 

Public bug reported:

If update-manager decides that the upgrade will involve untrusted
sources, it warns (good) and presents two buttons, "OK"(default)  and
"settings".

What it doesn't do is provide a third button, "Get me out of here!" as
the default, nor a "More info" button that shows me what packages are
untrusted and why.

I am not flagging this is a security vulnerability, but at a social
level, I think it really is.

ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: update-manager 1:0.186
ProcVersionSignature: Ubuntu 3.8.0-25.37-generic 3.8.13
Uname: Linux 3.8.0-25-generic i686
ApportVersion: 2.9.2-0ubuntu8.1
Architecture: i386
Date: Tue Jul  2 06:50:21 2013
DpkgHistoryLog.txt:
 
DpkgTerminalLog.txt:
 
EcryptfsInUse: Yes
GsettingsChanges:
 b'com.ubuntu.update-manager' b'first-run' b'false'
 b'com.ubuntu.update-manager' b'launch-time' b'1372709256'
 b'com.ubuntu.update-manager' b'window-height' b'600'
 b'com.ubuntu.update-manager' b'window-width' b'600'
InstallationDate: Installed on 2010-03-13 (1207 days ago)
InstallationMedia: Ubuntu-Netbook-Remix 9.10 "Karmic Koala" - Release i386 (20091028.4)
MarkForUpload: True
PackageArchitecture: all
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
SourcePackage: update-manager
UpgradeStatus: Upgraded to raring on 2013-04-28 (64 days ago)

** Affects: update-manager (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apport-bug i386 raring

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1196801

Title:
  on updating from untrusted sources, the default is to continue

Status in “update-manager” package in Ubuntu:
  New

Bug description:
  If update-manager decides that the upgrade will involve untrusted
  sources, it warns (good) and presents two buttons, "OK"(default)  and
  "settings".

  What it doesn't do is provide a third button, "Get me out of here!" as
  the default, nor a "More info" button that shows me what packages are
  untrusted and why.

  I am not flagging this is a security vulnerability, but at a social
  level, I think it really is.

  ProblemType: Bug
  DistroRelease: Ubuntu 13.04
  Package: update-manager 1:0.186
  ProcVersionSignature: Ubuntu 3.8.0-25.37-generic 3.8.13
  Uname: Linux 3.8.0-25-generic i686
  ApportVersion: 2.9.2-0ubuntu8.1
  Architecture: i386
  Date: Tue Jul  2 06:50:21 2013
  DpkgHistoryLog.txt:
   
  DpkgTerminalLog.txt:
   
  EcryptfsInUse: Yes
  GsettingsChanges:
   b'com.ubuntu.update-manager' b'first-run' b'false'
   b'com.ubuntu.update-manager' b'launch-time' b'1372709256'
   b'com.ubuntu.update-manager' b'window-height' b'600'
   b'com.ubuntu.update-manager' b'window-width' b'600'
  InstallationDate: Installed on 2010-03-13 (1207 days ago)
  InstallationMedia: Ubuntu-Netbook-Remix 9.10 "Karmic Koala" - Release i386 (20091028.4)
  MarkForUpload: True
  PackageArchitecture: all
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: update-manager
  UpgradeStatus: Upgraded to raring on 2013-04-28 (64 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1196801/+subscriptions

More information about the foundations-bugs mailing list