Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
This bug has been sitting for 4 years and isn't actually a bug, a mirror was just slow to sync. After many years of using Debian, I can say that when I see this happening (once or twice so far) I usually check the next day for the update and it's there. I'm proposing that this bug is closed.
Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
* Sam McLeod: 4) Mirror given by GeoDNS for security.debian.org was: - nashira.anu.edu.au (Located in Canberra, Australia) - Out of date and did not contain the patch. As far as I can tell, the Australian mirror is in sync now: $ wget -q -O- --header Host: security.debian.org http://gluck.debian.org/debian-security/dists/wheezy/updates/ | grep InRelease trtd valign=topimg src=/icons/unknown.gif alt=[ ]/tdtda href=InReleaseInRelease/a/tdtd align=right24-Mar-2015 21:32 /tdtd align=right101K/td/tr Either this was temporary, or the issue had a different cause. Note that mirror update is not instantaneous around the globe. In some cases, the debian-security-announce message will arrive some time before packages are available. In other cases, the message arrives afterwards. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
* Sam McLeod: So the fix is just to wait for all Debian mirrors to be in sync before you can patch? We usually send out the announcement email only after the mirror sync has completed. But there can be delays, and other users might get confused if there is a security update without a matching announcement. Can you confirm that the update is now available to you? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
I can confirm that it is indeed now available. I still think this is a bug though - out of date mirrors shouldn't be handed out. On Wed, Mar 25, 2015 at 4:34 AM -0700, Florian Weimer f...@deneb.enyo.demailto:f...@deneb.enyo.de wrote: * Sam McLeod: So the fix is just to wait for all Debian mirrors to be in sync before you can patch? We usually send out the announcement email only after the mirror sync has completed. But there can be delays, and other users might get confused if there is a security update without a matching announcement. Can you confirm that the update is now available to you?
Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
So the fix is just to wait for all Debian mirrors to be in sync before you can patch? On Wed, Mar 25, 2015 at 3:05 AM -0700, Florian Weimer f...@deneb.enyo.demailto:f...@deneb.enyo.de wrote: * Sam McLeod: 4) Mirror given by GeoDNS for security.debian.org was: - nashira.anu.edu.au (Located in Canberra, Australia) - Out of date and did not contain the patch. As far as I can tell, the Australian mirror is in sync now: $ wget -q -O- --header Host: security.debian.org http://gluck.debian.org/debian-security/dists/wheezy/updates/ | grep InRelease trtd valign=topimg src=/icons/unknown.gif alt=[ ]/tdtda href=InReleaseInRelease/a/tdtd align=right24-Mar-2015 21:32 /tdtd align=right101K/td/tr Either this was temporary, or the issue had a different cause. Note that mirror update is not instantaneous around the globe. In some cases, the debian-security-announce message will arrive some time before packages are available. In other cases, the message arrives afterwards.
Bug#781128: security.debian.org: GeoDNS load balancing of Debian Security mirrors + out of date mirrors means you cant patch
Package: security.debian.org Severity: grave Tags: security Justification: renders package unusable Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up to the situation? 1) Received notification of DSA 3197-2 2) Updated apt across our servers 3) Security patch was unavailable 4) Mirror given by GeoDNS for security.debian.org was: - nashira.anu.edu.au (Located in Canberra, Australia) - Out of date and did not contain the patch. - Was not in the same city (Melbourne), or State (Victoria) as our location. * What exactly did you do (or not do) that was effective (or ineffective)? - There was no clear way to mark the mirror as out of date or to select another mirror. - We ended up having to manually edit our servers hosts file to point at another host. * What was the outcome of this action? - We were not able to obtain a security patch when it was released. * What outcome did you expect instead? - GeoDNS for security updates to only point to updated servers - GeoDNS to provide a mirror near us, rather than on the other side of the country -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.18.4-ix (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org