I stand corrected.
I learned somthing new today

On 6 February 2020 12:54:03 GMT, Ian Campbell <i...@debian.org> wrote:
>On Thu, 2020-02-06 at 07:41 +0000, Andy Simpkins wrote:
>> It isn't safe to mirror security patches because we can not assure
>> the integrity of the updates on a mirror server.
>The security mirrors are secured by by apt using the same cryptographic
>signatures as the other suites, so that's not true, they can be
>mirrored just fine (at least in principal, I don't know how much of the
>mirror network actually carries them).
>I think the real reason the default security sources are the
>main/central one is to reduce the latency in getting critical/urgent
>fixes out (i.e. no need to wait for a mirror pulse), but if that
>doesn't work for a given setup there's no reason not to change to use a
>mirror, it looks like deb.debian.org supports security so presumably
>that's a good bet.

Sent from my Android device with K-9 Mail. Please excuse my brevity.

Reply via email to