#29158: Add fix for DSA 4371-1 (apt vulnerability)
--------------------------------------------+------------------------------
Reporter: boklm | Owner: tbb-team
Type: defect | Status:
| needs_information
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201901R, tbb-rbm | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------------+------------------------------
Comment (by boklm):
Replying to [comment:9 gk]:
> So, we need 4 packages to fix the vulnerability on Debian systems. Why
do we only need 2 for Ubuntu?
I looked at the Ubuntu image we download, and there was only 2 apt
packages included inside this image. For the Debian ones, I looked at the
apt packages installed by debootstrap, and there was those 4 packages.
> What is the plan for 32bit Wheezy? commit
cd1874ffe37bc50bda7ea2fefadd9637d93b360b ? I am feeling a bit reluctant to
taking trusty packages tbh...
The commit using trusty packages was just a test to see if that could
work, but it doesn't work.
I think the plan is to do #26323 to be able to stop using 32bit Wheezy.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29158#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
