Re: stretch security updates

2018-03-11 Thread Daniel Bareiro

On 11/03/18 14:38, Felix Natter wrote:

> hi,

Hi, Felix.

> I had a wrong configuration in sources.list (for about half a year :-():
> 
> deb http://security.debian.org/ stretch/updates main contrib non-free
> deb-src http://security.debian.org/ stretch/updates main contrib non-free

I am using this configuration without problems. In fact, yesterday I got
the update to Stretch 9.4 with this configuration.

Kind regards,
Daniel





Re: stretch security updates

2018-03-11 Thread Roberto C. Sánchez
On Sun, Mar 11, 2018 at 06:38:56PM +0100, Felix Natter wrote:
> hi,
> 
> I had a wrong configuration in sources.list (for about half a year :-():
> 
> deb http://security.debian.org/ stretch/updates main contrib non-free
> deb-src http://security.debian.org/ stretch/updates main contrib non-free
> 
> which I corrected now:
> 
> deb http://security.debian.org/debian-security/ stretch/updates main contrib non-free
> deb-src http://security.debian.org/debian-security/ stretch/updates main contrib non-free
> 
I think that either form is fine. I have some cloud systems that use the
first form and I received all the expected security updates.

> 
> But I still do not get the stretch 9.4 security updates, like
> firefox-esr for example [1].
> 
> However, looking at the package status for firefox-esr [2], there does
> not seem to be a [security] update (but maybe it's just designated
> differently since stretch?). In any case, that version
> (52.6.0esr-1~deb9u1) is installed.
> 
> Is that because the 9.4 release pulls in all sec updates in the regular
> update channel?
> 

Debian 9.4 constitutes a point release [0]. When a point release is made
the packages in the main archive are updated, usually from those that
have updated to the security suite, but also with additional
non-security updates that have been proposed by package maintainers
and/or release managers.

So, those updates, including firefox-esr, would be expected from the
standard archive sources instead of the security sources. You can tell
if you are updated to Debian 9.4 by looking at the output of any of
these commands:

$ cat /etc/debian_version 
$ lsb_release -a
$ apt-cache policy base-files 

Regards,

-Roberto

[0] https://wiki.debian.org/DebianReleases/PointReleases
-- 
Roberto C. Sánchez
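
A check for the sources.list question discussed in this thread, added here as an example and not part of any poster's message: it lists the active security-archive entries for a release and accepts both URI forms that the posters report as working. The function names and the sample file are hypothetical and the sample content is constructed.

```shell
#!/bin/sh
# Added example. Usage: security_entries FILE CODENAME
# Prints "TYPE URI SUITE" for every active deb/deb-src line in FILE that
# points at security.debian.org with suite CODENAME/updates.
security_entries() {
    awk -v want="$2/updates" '
        NF == 0 || $1 ~ /^#/ { next }            # blank lines and comments
        $1 != "deb" && $1 != "deb-src" { next }  # not a repository line
        {
            i = 2
            # Skip an optional [option=value ...] block; it may contain spaces.
            if ($i ~ /^\[/) {
                while (i <= NF && $i !~ /\]$/) i++
                i++
            }
            uri = $i; suite = $(i + 1)
            if (uri ~ /^https?:\/\/security\.debian\.org(\/|$)/ && suite == want)
                print $1, uri, suite
        }
    ' "$1"
}

# Exit status 0 only if at least one binary ("deb") security entry is active.
has_security_source() {
    security_entries "$1" "$2" | grep -q '^deb '
}

# Constructed sample: both URI forms from the thread plus lines to be ignored.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
deb http://ftp.de.debian.org/debian stretch main contrib non-free
deb http://security.debian.org/ stretch/updates main contrib non-free
deb [arch=amd64] http://security.debian.org/debian-security/ stretch/updates main contrib non-free
# deb http://security.debian.org/ stretch/updates main
deb http://security.debian.org/ jessie/updates main
EOF

security_entries "$sample" stretch
if has_security_source "$sample" stretch; then
    echo "security source for stretch is configured"
fi
```

On a real system, pass /etc/apt/sources.list (and each file under /etc/apt/sources.list.d/) instead of the sample file.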



stretch security updates

2018-03-11 Thread Felix Natter
hi,

I had a wrong configuration in sources.list (for about half a year :-():

deb http://security.debian.org/ stretch/updates main contrib non-free
deb-src http://security.debian.org/ stretch/updates main contrib non-free

which I corrected now:

deb http://security.debian.org/debian-security/ stretch/updates main contrib non-free
deb-src http://security.debian.org/debian-security/ stretch/updates main contrib non-free

Now I see when doing apt-get update:
OK:1 http://ftp.debian.org/debian stretch-updates InRelease
OK:2 http://download.virtualbox.org/virtualbox/debian stretch InRelease
OK:3 http://linux.teamviewer.com/deb stable InRelease
Ign:4 http://ftp.de.debian.org/debian stretch InRelease
OK:5 http://linux.teamviewer.com/deb preview InRelease
OK:6 http://ftp.de.debian.org/debian unstable InRelease
OK:7 http://ftp.de.debian.org/debian stretch Release
Holen:8 http://security.debian.org/debian-security stretch/updates InRelease [63,0 kB]
Holen:10 http://security.debian.org/debian-security stretch/updates/non-free Sources [772 B]
Holen:11 http://security.debian.org/debian-security stretch/updates/main Sources [125 kB]
Holen:12 http://security.debian.org/debian-security stretch/updates/contrib Sources [1.384 B]
Holen:13 http://security.debian.org/debian-security stretch/updates/main i386 Packages [341 kB]
Holen:14 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [340 kB]
Holen:15 http://security.debian.org/debian-security stretch/updates/main Translation-en [151 kB]
Holen:16 http://security.debian.org/debian-security stretch/updates/contrib i386 Packages [1.776 B]
Holen:17 http://security.debian.org/debian-security stretch/updates/contrib amd64 Packages [1.776 B]
Holen:18 http://security.debian.org/debian-security stretch/updates/contrib Translation-en [1.759 B]
Holen:19 http://security.debian.org/debian-security stretch/updates/non-free i386 Packages [1.268 B]
Holen:20 http://security.debian.org/debian-security stretch/updates/non-free amd64 Packages [1.268 B]
Holen:21 http://security.debian.org/debian-security stretch/updates/non-free Translation-en [481 B]
Es wurden 1.030 kB in 1 s geholt (664 kB/s).
Paketlisten werden gelesen... Fertig

But I still do not get the stretch 9.4 security updates, like
firefox-esr for example [1].

However, looking at the package status for firefox-esr [2], there does
not seem to be a [security] update (but maybe it's just designated
differently since stretch?). In any case, that version
(52.6.0esr-1~deb9u1) is installed.

Is that because the 9.4 release pulls in all sec updates in the regular
update channel?

[1] https://www.debian.org/News/2018/20180310
[2] https://packages.debian.org/search?searchon=sourcenames=firefox-esr

Many Thanks and Best Regards,
-- 
Felix Natter
debian/rules!