Bug#859608: cloud.debian.org: fai-cloud-images use jessie security mirror for stretch

Wed, 05 Apr 2017 00:51:57 -0700 

Package: cloud.debian.org
Severity: important
Tags: patch

Dear Maintainer,

Currently fai-cloud-images configuration at
<https://anonscm.debian.org/cgit/cloud/fai-cloud-images.git/> uses
staticly configured jessie security mirror for stretch images. This is
caused by invalid configuration line in files/etc/apt/sources.list/CLOUD

    deb {cdn}/debian {release} main
    deb http://security.debian.org/ jessie/updates main
    deb {cdn}/debian {release}-updates main

ie. jessie/updates is always used for security updates, instead of
{release}/updates which would get replaced with current release name at
build time.

This might cause system to ignore important security updates, which is
the reasoning for Severity: important.

Patch attached.


Regards,

Ville


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

From 7dc04fce45181f49b3448a377c599bbd254533a1 Mon Sep 17 00:00:00 2001
From: Ville Korhonen <[email protected]>
Date: Wed, 5 Apr 2017 10:13:34 +0300
Subject: [PATCH] Use security mirror for current release

This replaces static release name 'jessie' with '{release}', that
gets replaced with current release name at build time.

Allows using security updates for current release, instead of using
those targeted for jessie.
---
 files/etc/apt/sources.list/CLOUD | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/files/etc/apt/sources.list/CLOUD b/files/etc/apt/sources.list/CLOUD
index f847cce..16f4420 100644
--- a/files/etc/apt/sources.list/CLOUD
+++ b/files/etc/apt/sources.list/CLOUD
@@ -1,3 +1,3 @@
 deb {cdn}/debian {release} main
-deb http://security.debian.org/ jessie/updates main
+deb http://security.debian.org/ {release}/updates main
 deb {cdn}/debian {release}-updates main
-- 
2.11.0

Reply via email to