Launchpad itself

  1. Bug #1473092
  2. Comment #5

Comment 5 for bug 1473092

Revision history for this message
Hans-Christoph Steiner (eighthave) wrote :

Given bugs like CVE-2016-1252 https://www.debian.org/security/2016/dsa-3733, I think it is now quite clear that Debian package archives should always use HTTPS. Right now, all of the Ubuntu repos are available via HTTPS using https://mirrors.kernel.org, among others. That leaves only PPAs on HTTP.