[Bug 2073126] Please test proposed package
Robie Basak
2073126 at bugs.launchpad.net
Wed Aug 14 10:37:04 UTC 2024
Hello Julian, or anyone else affected,
Accepted apt into noble-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/apt/2.8.2 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed. Your feedback will aid us getting this
update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-noble
to verification-done-noble. If it does not fix the bug for you,
please add a comment stating that, and change the tag to
verification-failed-noble. In either case, without details of your testing we will
not be able to proceed.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance for helping!
N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2073126
Title:
More nuanced public key algorithm revocation
Status in apt package in Ubuntu:
Fix Released
Status in apt source package in Noble:
Fix Committed
Status in apt source package in Oracular:
Fix Released
Bug description:
(This is uploaded to noble as 2.8.1 per
https://wiki.ubuntu.com/AptUpdates)
[Impact]
We have received feedback from users who use NIST-P256 keys for their repositories and are upset about receiving a warning. APT 2.8.0 in noble-proposed would bump the warning to an error, breaking them.
We also revoked additional ECC curves, which may still be considered
trusted, so we should not bump them to errors.
Also existing users may have third-party repositories that use
1024-bit RSA keys and we have not adequately informed them yet
perhaps.
[Solution]
Hence we will restore all elliptic curve keys of 256 or more bits to trusted:
">=rsa2048,ed25519,ed448,nistp256,nistp384,nistp512,brainpoolP256r1,brainpoolP320r1,brainpoolP384r1,brainpoolP512r1,secp256k1";
At the same time we will also introduce a more nuanced approach to
revocations by introducing a 'next' level that issues a warning if the
key is not allowed in it and a 'future' level that will issue an audit
message with the --audit option.
For the next level, we will set it to:
">=rsa2048,ed25519,ed448,nistp256,nistp384,nistp512"
This means we restrict warnings to Brainpool curves and the secp256k1
key, about which we have not received any feedback that they are being
used yet.
For the future level, we will take a strong approach to best practices
as it is only seen when explicitly running with --audit and the
intention is to highlight best practices. It will be set to
">=rsa3072,ed25519,ed448";
which corresponds to the NIST recommendations for 2031 (and as few
curves as possible).
We are also introducing a mitigation for existing 24.04 systems to not
upgrade the policy yet; by creating an apt.conf.d configuration file
that temporarily allows the 1024-bit RSA keys if upgraded from apt
2.7.x; with the plan to remove them in 24.04.2.
[Test plan]
Tests are included in the library unit tests for parsing the specification strings; we have also included a test for the gpgv method to ensure that it produces the correct outcome for both 'next' and 'future' revoked keys.
A spot check with a 1024-bit RSA repository and a 4096 RSA repository
would still be nice.
Check a clean install of apt/an upgrade from mantic vs an existing
noble system:
- An existing noble system should create /etc/apt/apt.conf.d/00-temporary-rsa1024 and continue to trust weak RSA signatures with a warning
- Bootstrap a new noble with proposed enabled using e.g. mmdebstrap and check that this is not the case
- Also check upgrading from mantic directly to proposed and ensure that 1024R repositories are rejected.
[Where problems could occur]
There could of course be bugs in the implementation of the new feature; this could result in verification of files failing. This also happens if you specify an invalid `next` or `future` string.
There cannot be any false positives: The new levels are only
*additional* checks, anything not in the `Assert-Pubkey-Algo` list is
still revoked.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2073126/+subscriptions
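As an added illustration (not apt's own code), a small Python model of the three-level policy described in the bug: it parses specification strings of the form used above and returns the outcome a signing key would get. It assumes key types are written as 'rsa1024', 'nistp256', 'brainpoolP256r1' and so on; the option names and the temporary RSA-1024 exception for upgraded systems are not modelled.

```python
import re

# Constructed model of the policy in the bug description, not APT's implementation:
# trusted (else error), 'next' (else warning), 'future' (else audit message under --audit).
TRUSTED = (">=rsa2048,ed25519,ed448,nistp256,nistp384,nistp512,brainpoolP256r1,"
           "brainpoolP320r1,brainpoolP384r1,brainpoolP512r1,secp256k1")
NEXT = ">=rsa2048,ed25519,ed448,nistp256,nistp384,nistp512"
FUTURE = ">=rsa3072,ed25519,ed448"
_SIZED = re.compile(r"([a-z]+)(\d+)")  # family + key size, e.g. rsa2048

def parse_spec(spec):
    """Entries are '>=<family><bits>' (minimum size) or an exact key-type name."""
    rules = []
    for tok in spec.split(","):
        tok = tok.strip()
        if tok.startswith(">="):
            m = _SIZED.fullmatch(tok[2:])
            if m is None:
                raise ValueError(f"bad minimum-size entry: {tok!r}")
            rules.append((m.group(1), int(m.group(2))))
        elif re.fullmatch(r"[A-Za-z0-9]+", tok):
            rules.append((tok, None))
        else:
            raise ValueError(f"bad entry: {tok!r}")
    return rules

def allowed(key_algo, spec):
    """True if a key such as 'rsa1024' or 'brainpoolP256r1' passes the spec."""
    m = _SIZED.fullmatch(key_algo)
    for name, min_bits in parse_spec(spec):
        if min_bits is None and key_algo == name:
            return True
        if min_bits is not None and m and m.group(1) == name and int(m.group(2)) >= min_bits:
            return True
    return False

def verdict(key_algo, audit=False):
    """'error' (revoked), 'warning' (fails next), 'audit' (fails future) or 'ok'."""
    levels = [("error", TRUSTED), ("warning", NEXT)] + ([("audit", FUTURE)] if audit else [])
    for outcome, spec in levels:
        if not allowed(key_algo, spec):
            return outcome
    return "ok"
```

A malformed level string raises ValueError from parse_spec, matching the bug's note that an invalid `next` or `future` string makes verification fail rather than being silently ignored.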