python implementation of apt-clone should remove usernames and passwords
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| apt-clone (Ubuntu) | Fix Released | Medium | Unassigned | |
| Precise | Fix Released | High | Brian Murray | |
Bug Description
As discovered in CVE-2012-0949 and CVE-2012-0950, update-manager was attaching the usernames and passwords from apt sources entries to the system state information. update-manager uses the python implementation of apt-clone to add information about the system state. The save-state function of AptClone should have an option to remove usernames and passwords so that update-manager can include this essential information again.
[Impact]
It can be challenging to debug distribution upgrade bug reports without information about apt's state on the system being upgraded. apt-clone can provide useful information to facilitate debugging these bugs, so we should include it. While this is already fixed in Quantal, we want to be able to help people upgrading to Quantal, so we should include this fix in Precise.
[Test Case]
1) Create a file /etc/apt/
'deb http://
2) execute save-state.py attached to this bug report
3) You'll have two files in /tmp/ unscrubbed-
With the version of apt-clone in precise, the contents of both tar.gz files will be the same and you'll see your username and password in them.
With the version of apt-clone from precise-proposed, the contents of the tar.gz files will differ: in the scrubbed apt-clone state you will not see the username and password; instead they will be replaced with USERNAME:PASSWORD.
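As an added example (not apt-clone's or update-manager's own code), the scrub described above can be implemented as a line filter over sources.list entries plus a check that a state file no longer carries credentials; the regex, function names and sample entries below are assumptions.

```python
import re

# Credential part of an apt source URI: "user:pass@" (or "user@") right after
# "scheme://". The character class stops at "/" and whitespace so a hostname or
# path is never mistaken for a credential. Hypothetical helper, not apt-clone's.
_CRED_RE = re.compile(r"(?P<scheme>[a-zA-Z][a-zA-Z0-9+.\-]*://)(?P<cred>[^@/\s]+)@")


def scrub_sources_line(line: str) -> str:
    """Replace user:password in a sources.list line with USERNAME:PASSWORD.

    A user-only credential (no ':') becomes USERNAME@ so the URI shape is kept.
    Commented-out entries are scrubbed too: they still leak the secret.
    """
    def _repl(m: "re.Match[str]") -> str:
        placeholder = "USERNAME:PASSWORD" if ":" in m.group("cred") else "USERNAME"
        return m.group("scheme") + placeholder + "@"
    return _CRED_RE.sub(_repl, line)


def scrub_sources(text: str) -> str:
    """Scrub every line of a sources.list(5) style file, preserving line endings."""
    return "".join(scrub_sources_line(l) for l in text.splitlines(keepends=True))


def lines_with_credentials(text: str) -> list:
    """Return the lines that still carry a credential: the post-scrub check for
    a state file before it is attached to a bug report."""
    return [l.rstrip("\n") for l in text.splitlines(keepends=True)
            if _CRED_RE.search(l) and "USERNAME" not in l]


# Constructed sample of a sources.list.d entry with an embedded credential.
SAMPLE = (
    "deb http://archive.ubuntu.com/ubuntu precise main\n"
    "deb https://alice:s3cret@ppa.example.invalid/ubuntu precise main\n"
    "# deb-src https://bob@ppa.example.invalid/ubuntu precise main\n"
)

if __name__ == "__main__":
    print(scrub_sources(SAMPLE))
    print("leaked:", lines_with_credentials(scrub_sources(SAMPLE)))
```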
[Regression Potential]
None with apt-clone itself, as scrub_sources defaults to False. The possibility of a regression exists with the accompanying update to update-manager.
This is the python script that uses apt-clone and creates the system state files in /tmp for testing the SRU.