Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ubuntu 16.04 (Xenial Xerus) - how to verify patches downloaded?


  • Please log in to reply
15 replies to this topic

#1 Itchy01

Itchy01

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 23 October 2017 - 03:19 AM

Hi all

I've been trying to teach myself Linux (Ubuntu 16.04 LTS - Xenial Xerus). I'm at the "for-idiots" level. Sadly, I'm not fluent in commands and terminology. I'm learning by fumbling and bumbling, and not really understanding what I'm doing. That, then, is the context for this request for help. Which is:

Is there some way to verify whether I've managed to download (to a Toshiba Satellite L840 - not the machine I'm presently using) the KRACK wpa2 vulnerability patches for Ubuntu 16.04? (Namely, those listed on "USN-3455-1: wpa_supplicant and hostapd vulnerabilities").

I had updated the L840 on 17th October using "sudo apt-get update" and "sudo apt-get dist-upgrade" and may have got the patches then (Sadly, I didn't really take notice of what was downloading then, as I only read the Vanhoef article after updating).

Today, I again updated the L840 using "sudo apt-get update" and "sudo apt-get dist-upgrade". Later, reading online, I came across "Upgrades: Desktop" (https://wiki.ubuntu.com/Security/Upgrades#Desktop). I rediscovered I had an Update Manager and used that to yet again update the machine (I got 50 MB more!). Nothing I saw in the details of either update today resembled the "KRACK" patches.  

Today, after using the Update Manager, I again tried for updates using "sudo apt-get update" and "sudo apt-get upgrade" (not "dist-upgrade") but the terminal dialogue just seemed to indicate there was nothing to get and nothing had been got.

Running the command "sudo apt-get changelog wpasupplicant" (found at https://askubuntu.com/questions/965684/has-ubuntu-been-patched-against-the-krack-attack) showed (I think) that the patches are in their repositories and can be downloaded by the usual update commands. Trouble is, with "dist-upgrade", I've often seen a message at the end that some packages (they are always listed) were "automatically downloaded", are not needed and can be got rid of using a given command. I did that today (before using the Update Manager) and probably did on the 17th also.

I'd hate to think that, with my bumbling "method", I'd downloaded the patches only to remove them again!

So (sorry I'm long-winded) is there some way of searching a machine to verify what patches have beenb downloaded? Windows rather spoils you, since you can go to Update History and from there work out what you've got. How it's done in Ubuntu I don't know. Anyone able to help?

Thanks

itchy 01


Edited by Itchy01, 23 October 2017 - 03:20 AM.


BC AdBot (Login to Remove)

 


#2 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 23 October 2017 - 07:01 AM

Don't use Ubuntu myself, but I believe that Ubuntu Software Center has a list of all the updates you have downloaded/installed in the past

Look under the "History" tab.

 

If you have "Synaptic Package Manager" installed, open it, then click file >history and select the dates that you want to check (on the left) and the "history" for that day (including any updates) will be displayed.


Edited by Gary R, 23 October 2017 - 07:11 AM.


#3 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 23 October 2017 - 07:52 PM

Thanks for answering Gary R

Unfortunately, in this world nothing runs as we'd hope.

I pulled up Software Centre (which - from Wikipedia - I understand Canonical hasn't maintained since 2015). There was no History tab - Just 3 tabs. "All", "Installed", "Updates". There were entries under "Updates" and a red box on the Updates tab with a "1" on it. (Presumably one update available). I noticed a number of items (including "System Updates") on this tab and - pressured by family and under the rubric of "I-never-know-what-I'm-doing-anyway" - pressed an "Install" button. Now the Updates tab just says "Software is up to date".

 

I checked under "Installed" of course, but NADA.

I have Synaptic. File>History just shows June 2017 in the left, and searching for October 2017 gives me nothing.

Again, it comes back to not knowing what I'm doing. I'd join Ubuntu Forums except their T&C mentions credit cards which has put me off so far.

Thanks anyhow

itchy01



#4 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 24 October 2017 - 12:18 AM

History logs are kept in  .... /var/log/apt/history.log

 

You can view its contents if you open a terminal and enter .... less /var/log/apt/history.log

 

... then step through the log by hitting return till you get to the end.

 

Unfortunately, by default logrotate compresses and "ages out" old entries, so you may not find what you want if the information you want has been "aged out" already.

 

If that doesn't work, then I'm out of ideas.



#5 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 24 October 2017 - 02:48 AM

Thanks Gary

 

I could only get the logs for 23/24 Oct with your command but your info led me to "https://askubuntu.com/questions/21657/how-do-i-show-apt-get-package-management-history-via-command-line" which had a number of good command lines, including "zless /var/log/apt/history.log.1.gz".

 

That gave me the log for "dist-upgrade" for 17 October although, unfortunately, nothing there that immediately said to me security updates. You may be "out of ideas" but the idea you had put me where I needed to be. Now, I just have to figure out how to look for or at least recognize the security patches as they'd be represented in logs. Of course, these logs are for items downoladed via the "dist-upgrade" command. How to see what might have been downloaded by just "upgrade" or by Update Manager I think might be another matter.

 

Still, I thank you Gary because you've added another tool to my arsenal. It's up to me now to figure how to use it.

 

Again, many thanks

 

itchy01



#6 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 24 October 2017 - 06:39 AM

You're welcome.

 

Glad to hear that we at least made some progress. Please keep us informed of any further advances you make, because I'm sure that there will be others who can benefit from what you discover.


Edited by Gary R, 24 October 2017 - 06:40 AM.


#7 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 24 October 2017 - 07:12 AM

Certainly will do.

 

Cheers again,

 

itchy01



#8 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 27 October 2017 - 06:23 AM

Hi again Gary

One command a respondent on another forum has suggested to check for relevant packages was:

sudo apt list --installed | grep -i ??????

where a number of search terms could be used in place of "??????".

From USN-3455-1: wpa_supplicant and hostapd vulnerabilities, I decided on the substitute search terms: "hostapd", "2.4-0ubuntu6.2" and "wpasupplicant", and gave them a try.

All substitutes gave a first line "WARNING: apt does not have a stable CLI interface. Use with caution in scripts."

"hostapd" didn't give a second line, indicating "hostapd" software wasn't installed on my machine in the first place (which I gather was all to the good perhaps).

The other two substitutes all gave the same second line: "wpasupplicant/xenial-updates,xenial-security,now 2.4-0ubuntu6.2 amd64 [installed]". Whatever substitute search term had been inserted for "??????" was highlighted in red in that second line.

I haven't yet found a command that gives more detail, though I'll keep looking. But I thought the above might be another useful tool to have and I pass it on for others.

Cheers

itchy01


Edited by Itchy01, 27 October 2017 - 06:28 AM.


#9 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 826 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 27 October 2017 - 11:19 AM

Very useful, thanks for posting.

 

apt list is a relatively new command option for apt so it may not be available for people with older versions of Ubuntu (or its derivatives).

 

I find this article ... https://itsfoss.com/apt-command-guide/ ... to be useful when working with apt commands



#10 Al1000

Al1000

  • Global Moderator
  • 7,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:39 AM

Posted 27 October 2017 - 01:43 PM

To find information on installed and available packages, try apt-cache policy

Example:
al@my-desktop-pc:~$ apt-cache policy wpasupplicant
wpasupplicant:
  Installed: 2.3-1+deb8u5
  Candidate: 2.3-1+deb8u5
  Version table:
 *** 2.3-1+deb8u5 0
        500 http://security.debian.org/ jessie/updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2.3-1+deb8u4 0
        500 http://ftp.uk.debian.org/debian/ jessie/main amd64 Packages


#11 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 27 October 2017 - 08:06 PM

Hi Gary

 

I've downloaded that article of Abhishek Prakash's and another 2 on apt, apt-get, and the differences. They are easy reading and explanatory. Many thanks.

 

Hi AI1000

Thanks for that command - I'll give that a go tonight. I might experiment with an "apt" version of it also.

 

Cheers both

 

itchy01



#12 Rocky Bennett

Rocky Bennett

  • Members
  • 2,632 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:06:39 PM

Posted 28 October 2017 - 05:48 AM

Thanks for answering Gary R

Unfortunately, in this world nothing runs as we'd hope.

I pulled up Software Centre (which - from Wikipedia - I understand Canonical hasn't maintained since 2015). There was no History tab - Just 3 tabs. "All", "Installed", "Updates". There were entries under "Updates" and a red box on the Updates tab with a "1" on it. (Presumably one update available). I noticed a number of items (including "System Updates") on this tab and - pressured by family and under the rubric of "I-never-know-what-I'm-doing-anyway" - pressed an "Install" button. Now the Updates tab just says "Software is up to date".

 

I checked under "Installed" of course, but NADA.

I have Synaptic. File>History just shows June 2017 in the left, and searching for October 2017 gives me nothing.

Again, it comes back to not knowing what I'm doing. I'd join Ubuntu Forums except their T&C mentions credit cards which has put me off so far.

Thanks anyhow

itchy01

 

 

I belong to the Ubuntu forum, I am running 17.10, and there are no credit card requirements to join. Just create a log in and a password and you can join the Ubuntu forum.


594965_zpsp5exvyzm.png


#13 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:07:39 PM

Posted 28 October 2017 - 11:04 PM

Thanks Rocky

 

I'll just clarify, as it does seem as if I'm saying Ubuntu charges for Forum membership. What I meant to get across was the mention of credit cards in the T&Cs was the thing that had put me off joining Ubuntu Forums. See U1 and Software Centre — Terms of Service ("Credit Card" is mentioned five times under Accounts and Fees and payment) - this page seems identical to the Terms and Conditions page I read and downloaded when I started the registering process (and, obviously, didn't finish).

 

In Accounts, it also states: "You may cancel your account at any time through the Ubuntu One website or Ubuntu software centre. Where you have an Ubuntu One account you must cancel your service before it renews in order to avoid billing of the next period's fees to your credit card". Probably that's meant to be understood in the context of a statement under Fees and payment: "The Ubuntu One services consist of a free and paid subscriptions. An Ubuntu One subscription is required for all services and a valid credit card is required for paid subscriptions." However, at the time and in a hurry, I opted to bail out.

 

I also wasn't crazy about having to register for the Forums through Ubuntu One, a bit too much like Microsoft Account for my liking. I gather from the T&Cs you have to register for the Forums through a Ubuntu One account. Or, is there still a way just to join the Forums without that? That'd make me happier.

 

Cheers

 

Itchy01



#14 Al1000

Al1000

  • Global Moderator
  • 7,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:39 AM

Posted 29 October 2017 - 06:44 AM

Yes, the only way to register for the Ubuntu forum is by opening an Ubuntu One account. You will have to supply a valid email address, and a username and password, just like when you joined BC.

You certainly won't have to supply any credit card details, but unfortunately there is no way of getting around the fact that credit cards are mentioned in their terms and conditions, because of their services that do require such.

Edited by Al1000, 29 October 2017 - 06:45 AM.


#15 Rocky Bennett

Rocky Bennett

  • Members
  • 2,632 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:06:39 PM

Posted 29 October 2017 - 11:35 AM

Thanks Rocky

 

I'll just clarify, as it does seem as if I'm saying Ubuntu charges for Forum membership. What I meant to get across was the mention of credit cards in the T&Cs was the thing that had put me off joining Ubuntu Forums. See U1 and Software Centre — Terms of Service ("Credit Card" is mentioned five times under Accounts and Fees and payment) - this page seems identical to the Terms and Conditions page I read and downloaded when I started the registering process (and, obviously, didn't finish).

 

In Accounts, it also states: "You may cancel your account at any time through the Ubuntu One website or Ubuntu software centre. Where you have an Ubuntu One account you must cancel your service before it renews in order to avoid billing of the next period's fees to your credit card". Probably that's meant to be understood in the context of a statement under Fees and payment: "The Ubuntu One services consist of a free and paid subscriptions. An Ubuntu One subscription is required for all services and a valid credit card is required for paid subscriptions." However, at the time and in a hurry, I opted to bail out.

 

I also wasn't crazy about having to register for the Forums through Ubuntu One, a bit too much like Microsoft Account for my liking. I gather from the T&Cs you have to register for the Forums through a Ubuntu One account. Or, is there still a way just to join the Forums without that? That'd make me happier.

 

Cheers

 

Itchy01

 

I agree with what Al said right after your post. There are different types of accounts that are spelled out in the terms and conditions over at Ubuntu One, and for a free account they never ask for any type of credit card information.

 

The forum is informative, but I feel a lot more comfortable here at Bleeping Computer, but do not be put off by the terms and conditions. It is just routine legal rambling.


594965_zpsp5exvyzm.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users