[Bug 1679252] Re: Non-Intel architectures are configured with security repos that don't work
Edward Vielmetti
edward.vielmetti at gmail.com
Mon Apr 3 18:03:45 UTC 2017
See https://github.com/docker-library/official-images/issues/2804 for
the Docker impact downstream, as the aarch64/xenial and ppc64le/xenial
official images are affected.
Fixing this bug allows this CVE http://people.canonical.com/~ubuntu-
security/cve/2017/CVE-2017-7184.html to be addressed on those platforms.
** Bug watch added: github.com/docker-library/official-images/issues #2804
https://github.com/docker-library/official-images/issues/2804
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-7184
** Also affects: livecd-rootfs via
https://github.com/docker-library/official-images/issues/2804
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1679252
Title:
Non-Intel architectures are configured with security repos that don't
work
Status in livecd-rootfs:
Unknown
Status in livecd-rootfs package in Ubuntu:
Confirmed
Bug description:
In the fix for bug 1513529, we[0] modified livecd-rootfs to write out
a sources.list that matches the sources.list in Ubuntu Server
installed from an ISO. We (presumably) compared to an Intel
installation, and hard-coded security.ubuntu.com as a repo in
sources.list.
Unfortunately, packages for non-Intel architectures aren't published
to security.ubuntu.com; they are instead published at
http://ports.ubuntu.com/ubuntu-ports/. That should be the URL that we
configure as the source for $SUITE-security.
[0] Well, *ahem*, _I_.
To manage notifications about this bug go to:
https://bugs.launchpad.net/livecd-rootfs/+bug/1679252/+subscriptions
More information about the foundations-bugs
mailing list