Re: Upgrading from Debian 6.0 LTS to 7
On 02/20/2016 01:17 PM, Alexis Grigoriou wrote: or is there more that I need to do since my installation has LTS support? One thing that comes to mind is the "squeeze-lts" entry in /etc/apt/sources.list. Does that need to be removed prior to upgrading or does the upgrade process take care of that itself? On 20.02.16 20:46, Miroslav Skoric wrote: Probably it would be enough to do the following: at first to update as much as possible with the actual "squeeze-lts" entry, following by changing all "squeeze-lts" and "squeeze" entries to "wheezy" and update/upgrade it again in some way of a 'safe upgrade' (there is some syntax on the web how to do that, and that step will upgrade only the kernel parts of the system), and finally to do full upgrade again (all the rest packages in the system). I see currently two possible issues in replacing squeeze with wheezy: 1. does wheezy-lts exist already on mirrors? (doesn't seem so) 2. there's still ongoing security support for wheezy, but there is not for squeeze. If anyone removed security mirror from squeeze's sources.list, will stop having security updates. I know that shouldn't happen - I have asked about this some time ago and was advised to leave sources.list as they were, including volatile and security updates. BUT: https://wiki.debian.org/LTS/Using - only mentions having only squeeze and squeeze-lts, so user updating that config for wheezy would lose updates (including security). It would be much better to keep all currently archives working and being used. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Support bacteria - they're the only culture some people have.
Re: Upgrading from Debian 6.0 LTS to 7
On 2016-02-20 20:46, Miroslav Skoric wrote: Probably it would be enough to do the following: at first to update as much as possible with the actual "squeeze-lts" entry, following by changing all "squeeze-lts" and "squeeze" entries to "wheezy" and update/upgrade it again in some way of a 'safe upgrade' (there is some syntax on the web how to do that, and that step will upgrade only the kernel parts of the system), and finally to do full upgrade again (all the rest packages in the system). For upgrading _to_ squeeze, I believe the recommendation was to apt-get update && apt-get install linux-image... etc. as one of the earliest steps, probably due to udev and initrd finicky bits. For the systems I've upgraded from squeeze to wheezy, I've essentially followed the bog standard instructions: Commented out the squeeze-lts entry, and added wheezy entries: deb http://ftp.no.debian.org/debian/ wheezy main contrib non-free deb-src http://ftp.no.debian.org/debian/ wheezy main contrib non-free deb http://security.debian.org/ wheezy/updates main contrib non-free deb-src http://security.debian.org/ wheezy/updates main contrib non-free deb http://ftp.no.debian.org/debian/ wheezy-updates main contrib non-free deb-src http://ftp.no.debian.org/debian/ wheezy-updates main contrib non-free After that: apt-get update && apt-get upgrade Pay attention to any errors and warnings, and if successful, followup with: apt-get dist-upgrade However, the devil is in the details of "pay attention". One system failed to update initrd and also failed to install Grub 2 properly, which resulted in an unbootable system. Using a Wheezy USB disk in rescue mode solved that quickly enough. Additionally, pay very close attention to all config files that are changed; several of these need a bit of manual editing to get services back up and running. -- Cheers, Jan
Re: Upgrading from Debian 6.0 LTS to 7
On Sat, 2016-02-20 at 14:17 +0200, Alexis Grigoriou wrote: > Hello list, > I just read today that Debian squeeze is reaching its EOL. I have > followed instructions to add LTS support to squeeze and it served me > well. And now it is time to upgrade to wheezy. What are the actions I > need to do? Are the steps the same as > > https://www.debian.org/releases/wheezy/i386/release-notes/ch-upgrading.html > > or is there more that I need to do since my installation has LTS > support? The same process should still work. > One thing that comes to mind is the "squeeze-lts" entry > in /etc/apt/sources.list. Does that need to be removed prior to > upgrading or does the upgrade process take care of that itself? You should remove that at some point since it will eventually result in HTTP errors when the suite is removed from the archive, but it does not matter whether you do so before or after upgrading. Ben. > Any help would be much appreciated. > And a big thanks to LTS team for providing us LTS :) > -- Ben Hutchings Tomorrow will be cancelled due to lack of interest. signature.asc Description: This is a digitally signed message part
wheezy-security to wheezy-lts transition
[apologies to anyone who's ended up with three copies of this; the original got eaten due to a misconfiguration on my side - please only reply to this copy] Hi, As I understand it, the plan is for wheezy-lts to re-use security.d.o:wheezy/updates directly, rather than a separate suite on ftp-master. Is that correct? If so then we need to consider how the transition works in the short term. For example, the final point release of oldstable occurs after security support ceases, so that we can fold in as many of the remaining packages from the security archive as possible, including those that failed to build on some architectures originally - it would be confusing if we ended up pulling in any packages that were actually from wheezy-lts, or even having those appear in oldstable-new. Regards, Adam
[SECURITY] [DLA 421-1] openssl security update
Package: openssl Version: 0.9.8o-4squeeze23 CVE ID : CVE-2015-3197 CVE-2015-3197: A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. Additionally, when using a DHE cipher suite a new DH key will always be generated for each connection. This will be the last security update for the squeeze version of the package. The 0.9.8 version is no longer supported and the squeeze LTS support will end soon. If you are using openssl you should upgrade to wheezy or preferably jessie. The version in those versions contain many security improvements. Kurt Roeckx signature.asc Description: PGP signature
Accepted openssl 0.9.8o-4squeeze23 (source amd64) into squeeze-lts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 20 Feb 2016 12:31:42 +0100 Source: openssl Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: source amd64 Version: 0.9.8o-4squeeze23 Distribution: squeeze-lts Urgency: medium Maintainer: Debian OpenSSL TeamChanged-By: Kurt Roeckx Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto openssl- Secure Socket Layer (SSL) binary and related cryptographic tools Changes: openssl (0.9.8o-4squeeze23) squeeze-lts; urgency=medium . * Fix CVE-2015-3197 * Always generate new key for DHE. Checksums-Sha1: b5338a9b0b20b7827b92e15c247057d5d9a3d8ee 1989 openssl_0.9.8o-4squeeze23.dsc f171a7195098630faa8225e271a00743ab796258 143218 openssl_0.9.8o-4squeeze23.debian.tar.gz 645a5d54939eb0ab8d4845714247e506a1b377d7 1062132 openssl_0.9.8o-4squeeze23_amd64.deb dd6a9306b898d682b0151ae92dc5bb0c05942d9f 1006322 libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 852dc938663fe10d1de7ff80f67f8d8f2d445fbe 645396 libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb f1991eb71a5c1397ba436155288e84353c459575 2309044 libssl-dev_0.9.8o-4squeeze23_amd64.deb dd2a3b11d526400f6d5eaafc262a67ad72602485 1624314 libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Checksums-Sha256: ae152fc44696d1143a10ffc30efbe729c14ed069698fff71666482dd172480bc 1989 openssl_0.9.8o-4squeeze23.dsc a02023d121f088073d070ead4086a62f722bb4dffb15a36977dc014499034738 143218 openssl_0.9.8o-4squeeze23.debian.tar.gz e76cdefb96b9a7727cfeaf2ceb580875efb766c5d0b62e1be69d4a52abda022d 1062132 openssl_0.9.8o-4squeeze23_amd64.deb 7859da235541ee906fc08a2c65c3fee9493ab1186c4c2e260bbd023ec7b9fd7b 1006322 libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 8ccbe107f6e670e957660b0642fb926b00aa7958e4e5609f6e842c2972ab7465 645396 libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb 1bf7e00cbabd12d51df11c65bc39dd02063eba859854fc0f6959292b28378b27 2309044 libssl-dev_0.9.8o-4squeeze23_amd64.deb 8be059f6d06d6d1507d33dc66599b15b1f68db5a881ebb01bdc381de5b6275c8 1624314 libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Files: 34aea509b286ae1c60f5dab3983d1498 1989 utils optional openssl_0.9.8o-4squeeze23.dsc 9799bc2c8ee7a6e6b2a17783c495353d 143218 utils optional openssl_0.9.8o-4squeeze23.debian.tar.gz aa30e5dbeaae9987f26ac797a9b81462 1062132 utils optional openssl_0.9.8o-4squeeze23_amd64.deb bc45c2ce9473307439a1be2d8c5d799a 1006322 libs important libssl0.9.8_0.9.8o-4squeeze23_amd64.deb 917a8d990f540610fe0d382dfaf877a9 645396 debian-installer optional libcrypto0.9.8-udeb_0.9.8o-4squeeze23_amd64.udeb af60a90c0ab333be1b74042554e3addc 2309044 libdevel optional libssl-dev_0.9.8o-4squeeze23_amd64.deb fa4052df0b638a61c81ba7f3cfbbaf6f 1624314 debug extra libssl0.9.8-dbg_0.9.8o-4squeeze23_amd64.deb Package-Type: udeb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWyFkPAAoJEOPE3c0eTBJEKasP/1dAo+X7NZRlBE2tonHYi5y7 OsJJ5KnNa+RLttBDu1Qr8JISCojxeO1Rc6Ss7mUk3lpx4U9ibbNIogLuwBppve8N kUcQK4ZSqbTs/H0LyQC9tLamEpM3n4Sb6jqxgJu0OC5S/mBUVCfiDN9G0yNwa16A czSP0qz0+HR5CR+ZeHyyfyEMnjVypu4fAK82m97oi/SUlqH2XlOTvYuenve4ePLI 4frKW/SaJQ4KALpyhP3DMuulEbctYxejzwfH29PO1KcEA2W1bUrJWR8voVm1h7tm awjDexR6hXX75pdJvVQK40xyqnfIT64UMR4vmFzhFnkoX/FoHjUROO5ZyM5xZosw dMWBfwsdUYP10DBkWEnEvPWZr0MPQA7JUROZUyPd1SMq/BCSvH72KHdDOC6iS/pW TJeogRU2Jq/QMYKieTClAeGSlLARdRz2kfof2NozQyLWoSO0gEpnXai9KPD/vGDI 3zGialo8/xAeZ03yS6+5OBQf3lgUDFuKvSBdx88rTp2opzd4eeuHdKYyofU3pxOK R5MbcogFCV+KiOAb8uGxl24BGacen1ZD+vK8sLQ7R+GcFIa8NBL0GiED6wRnA98v PNV22nvudEGN8qZb5ksR8k1Gik9MVqS5w0m7yQFZ+QzL4eu4InyvMf7YNrqPdDKY /RuDwDqWkdkGag7Q7Tdf =mJAp -END PGP SIGNATURE-
Upgrading from Debian 6.0 LTS to 7
Hello list, I just read today that Debian squeeze is reaching its EOL. I have followed instructions to add LTS support to squeeze and it served me well. And now it is time to upgrade to wheezy. What are the actions I need to do? Are the steps the same as https://www.debian.org/releases/wheezy/i386/release-notes/ch-upgrading.html or is there more that I need to do since my installation has LTS support? One thing that comes to mind is the "squeeze-lts" entry in /etc/apt/sources.list. Does that need to be removed prior to upgrading or does the upgrade process take care of that itself? Any help would be much appreciated. And a big thanks to LTS team for providing us LTS :)