[Security] apt packages downloaded over http (tcp:80) are not encrypted.

DeineAgenturUG / greenbone-gvm-openvas-for-docker

The Greenbone Vulnerability Management (GVM) and OpenVAS Scanner for Docker!

MIT License

24 stars 7 forks source link

Closed huornlmj closed 2 years ago

huornlmj commented 2 years ago

Describe the bug apt packages downloaded over http (tcp:80) are not encrypted.

To Reproduce Steps to reproduce the behavior:

Start the container.
Watch the logs.
Note multiple connections to http only apt servers instead of the https versions.

Expected behavior Use https instead of http to download components into the running container.