Follow these instructions:
Operating System Software and Updates
Not required for Whonix 14.0.1.3.8 (currently testers-only version) or above.
1 Like
Sorry guys but I’m a bit confused by this.
Before I saw this announcement, earlier today, I upgraded my qubes whonix templates.
Now I run dpkg -l | grep “commandline package manager”. and get reply: ii apt 1.4.9 amd64 commandline package manager.
Does this mean all is well? OR do I need to do something?
Naive question: how do we mere mortal end users check that our Whonix installs weren’t already rooted by NSA using this apt vulnerability?
Means you probably made the upgrade without the special instructions and the system might have been compromised during the upgrade.
If you want have higher certainty you’d have to apply disaster recovery steps but we don’t have that documented yet.
Document recovery procedure after compromise
You don’t.
proposal for package manager update security on/off switch to be prepared for the next APT security vulnerablity:
https://groups.google.com/forum/#!msg/qubes-devel/030ikOTKsgo/aobQPdYXFgAJ
hello.
During this apt related instruction,is it ok to select N?
Configuration file ‘/etc/apt/sources.list.d/debian.list’
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer’s version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** debian.list (Y/I/N/O/D/Z) [default=N] ?
File provided by Whonix.
anon-apt-sources-list/debian.list at master · Kicksecure/anon-apt-sources-list · GitHub
Installation is safe. Installation will revert user modification of /etc/apt/sources.list.d/debian.list. These could be re-applied.
Related to:
See also: