[FIXED] Building Whonix from source code is NOT safe at the moment due to APT vulnerability DSA 4371-1

Update:
Building is safe again as per git tag 14.0.1.3.1-developers-only.

This news is primarily to inform developers and everyone who builds Whonix from source code. If that doesn’t mean anything to you, this news can be safely ignored.


Building Whonix from source code is NOT safe at the moment due to APT vulnerability.

APT vulnerability DSA 4371-1:
~~ https://lists.debian.org/debian-security-announce/2019/msg00010.html~~

APT vulnerability security advisory by Whonix:
~~ Operating System Software and Updates - Kicksecure

APT vulnerability security advisory by Whonix forum discussion:
~~https://forums.whonix.org/t/special-instructions-required-to-securely-update-because-of-apt-security-update-dsa-4371-1/6721~~

Please wait until this forum post is updated and/or until a news posting the security fix has been posted.

~~Context:
~~https://www.whonix.org/wiki/Dev/Build_Documentation~~

Patches welcome.
~~Frequently Asked Questions - Whonix ™ FAQ

Development discussion:
~~[FIXED] Apt RCE announced. New Whonix images needed. Whonix build NOT safe at the moment. - #4 by Patrick

will there be an images of whonix fixing up the vulnerability before update/upgrade? (like the same what happened in previous apt vulnerability)

Yes.

1 Like

Kindly explain what it means for the current OVAs as in Whonix ™ for VirtualBox with Xfce

I want to download and start using 14.0.0.9.9 - do you recommend waiting for another point release?

Update as per Operating System Software and Updates - Kicksecure or wait.

Update:

1 Like

git tag:

14.0.1.3.8-testers-only