[Bug 1817049] Re: Subiquity should install security updates before first login
Seth Arnold
1817049 at bugs.launchpad.net
Fri Apr 5 02:00:18 UTC 2019
Two methods come to mind:
- Writing an apt sources.list that omits the -updates pocket
- Writing apt pinning rules that omits the -updates pocket.
I would prefer we install all updates, unless the user has explicitly
requested only the -security pocket:
- Updates from -updates may be very important but not involve a security
boundary.
- Doing a simple apt update && apt upgrade with the configured sources
would be easier than trying to modify the sources or add and remove
pinning without disrupting any pinning the user may have selected.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1817049
Title:
Subiquity should install security updates before first login
Status in subiquity:
Triaged
Status in subiquity package in Ubuntu:
New
Bug description:
Subiquity should download and install any relevant security updates
before allowing the user to login for the first time after the
installation to prevent the user from entering credentials and using
an insecure web browser and other components.
To manage notifications about this bug go to:
https://bugs.launchpad.net/subiquity/+bug/1817049/+subscriptions
More information about the foundations-bugs
mailing list