ubuntustudio-bugs team mailing list archive
-
ubuntustudio-bugs team
-
Mailing list archive
-
Message #09846
[Bug 1862428] Re: HTTPS required by Chrom/ium for future downloading
Hi Bryan,
ubuntustudio.org *is* https if called upon explicitly. There is an open
RT ticket to fix the http-https redirect, but there hasn't been any
action on it since January when we installed our new wordpress theme.
Perhaps this bug would help speed things along if IS knows this is
becoming an issue?
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to The Ubuntu Studio Project.
Matching subscriptions: UbuntuStudio Bugs
https://bugs.launchpad.net/bugs/1862428
Title:
HTTPS required by Chrom/ium for future downloading
Status in Kubuntu Website:
New
Status in Lubuntu Website:
Fix Released
Status in Ubuntu CD Images:
Fix Released
Status in Ubuntu MATE:
Fix Released
Status in Ubuntu Studio Website:
Fix Released
Status in Xubuntu Website:
Fix Released
Bug description:
Chromium has announced [1] that they will "ensure that secure (HTTPS)
pages only download secure files. .. we’ll start blocking ... non-
HTTPS downloads started on secure pages". I also reached out and they
confirmed our current download process will be impacted.
The relevant timeline for ISOs are (changed due to covid):
today - Chrome 81 (and derivatives) shows the console warnings
user visible warning to be displayed for Chrome 84, which just landed in beta
This impacts the following secure websites that have downloads to cdimage that will break:
kubuntu.org - tried contacting via IRC also.
Good / Fixed:
lubuntu.me
ubuntu-mate.org
xubuntu.org - Fixed, links to torrent site with HTTPS. Links to a folder on mirrors not directly to the ISO - which in my testing does not cause a warning.
ubuntustudio.org - not secure but ISO links are https.
ubuntubudgie.org - fixed in https://github.com/UbuntuBudgie/Website/issues/52
ubuntukylin.com - upgraded to HTTPS (does mirror redirect, which choose an https mirror in my testing)
ubuntu.com - all links I found look good
[1] https://blog.chromium.org/2020/02/protecting-users-from-insecure.html
* But new warnings just loading an insecure site are coming
To manage notifications about this bug go to:
https://bugs.launchpad.net/kubuntu-website/+bug/1862428/+subscriptions