[Bug 833994] Please test proposed package

Wed Jun 25 16:36:40 UTC 2014

Hello Leonardo, or anyone else affected,

Accepted debian-installer into precise-proposed. The package will build
now and be available at http://launchpad.net/ubuntu/+source/debian-
installer/20101020ubuntu136.19 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to kickseed in Ubuntu.
https://bugs.launchpad.net/bugs/833994

Title:
  debian-installer does not support https when using with preseed files

Status in “cobbler-enlist” package in Ubuntu:
  Triaged
Status in “debian-installer” package in Ubuntu:
  Fix Released
Status in “debian-installer-utils” package in Ubuntu:
  Fix Released
Status in “kickseed” package in Ubuntu:
  Fix Released
Status in “rootskel” package in Ubuntu:
  Fix Released
Status in “cobbler-enlist” source package in Precise:
  New
Status in “debian-installer” source package in Precise:
  Fix Committed
Status in “debian-installer-utils” source package in Precise:
  Fix Committed
Status in “kickseed” source package in Precise:
  Fix Committed
Status in “rootskel” source package in Precise:
  Fix Committed

Bug description:
  Hi

  As part of a PCI Compliance process we need to ensure that
  confidential information is passed in a secure way. Currently one can
  pxeboot machines and the root password travels encrypted with MD5
  which nowadays is breakable and it is not part of the PCI
  Recommendations as follow below:

  "Render all passwords unreadable during transmission and storage on
  all system components using strong cryptography (defined in PCI DSS
  Glossary of Terms, Abbreviations, and Acronyms)" -
  https://www.trustwave.com/steps_pci_info.php?step=8 where md5 is not a
  part of the examples of the strong cryptography's described in the
  above document.

  Everything else works in the pxeboot, eg getting the kernel and initrd
  through https but the preseed file fails to get downloaded as in the
  example below.

  By appending the following in the pxelinux configuration:
  -- preseed/url=https://host/path/presee.cfg

  Linux version: Ubuntu LTS 10.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cobbler-enlist/+bug/833994/+subscriptions