-
@ ⚡️2FakTor⚡️
2025-01-21 16:56:24
It turns out that Ubuntu Linux installations of Ubuntu 23.04, 22.04.3 LTS, and installs done since April 2023 that accepted the Snap version update haven't been following Ubuntu's own recommended security best practices for their security pocket configuration for packages.
A new Subiquity release [was issued](https://github.com/canonical/subiquity/releases/tag/23.09.1) to fix this problem while those on affected Ubuntu systems already installed are recommended to manually edit their `/etc/apt/sources.list` file.
If you didn't install MiniBolt recently, **you are affected by this bug**, and we need to fix that manually if not we want to install all since cero. Anyway, if you installed Minibolt recently, we recommend you review that.
Follow these easy steps to review and fix this:
* Edit the `sources-list` file:
```
sudo nano /etc/apt/sources.list
```
* Search now for every line that includes '-security' (without quotes) (normally at the end of the file) and change the URL to --> http://security.ubuntu.com/ubuntu
~ > For example, from http://es.archive.ubuntu.com/ubuntu (or the extension corresponding to your country) to --> http://security.ubuntu.com/ubuntu
~> Real case, Spain location, **before fix**:
```
deb http://es.archive.ubuntu.com/ubuntu jammy-security main restricted
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security main restricted
deb http://es.archive.ubuntu.com/ubuntu jammy-security universe
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security universe
deb http://es.archive.ubuntu.com/ubuntu jammy-security multiverse
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security multiverse
```
**After fix:**
```
deb http://security.ubuntu.com/ubuntu jammy-security main restricted
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security main restricted
deb http://security.ubuntu.com/ubuntu jammy-security universe
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security universe
deb http://security.ubuntu.com/ubuntu jammy-security multiverse
# deb-src http://es.archive.ubuntu.com/ubuntu jammy-security multiverse
```
**Save and exit**
**Note:** If you have already these lines changed, you are not affected by this bug, and is not necessary to do anything. Simply exit the editor by doing Ctrl-X
* Finally, type the next command to refresh the repository pointers:
```
sudo apt update
```
* And optionally take the opportunity to update the system by doing:
```
sudo apt full-upgrade
```
More context:
* https://wiki.ubuntu.com/SecurityTeam/FAQ#What_repositories_and_pockets_should_I_use_to_make_sure_my_systems_are_up_to_date.3F
* https://bugs.launchpad.net/subiquity/+bug/2033977
* https://www.phoronix.com/news/Ubuntu-Security-Pocket-Issue