Re: 3.0r2 or hacked packages?
On Sun, 23 Nov 2003, Lupe Christoph wrote: > Last night my apt-get update ... oicked up a number of unexpected > packages: > > The following packages will be upgraded > bsdutils console-data debianutils mount nano procmail procps util-linux > util-linux-locales zlib1g zlib1g-dev > 11 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > Need to get 2743kB of archives. After unpacking 96.3kB will be used. > Get:1 http://ftp.de.debian.org stable/main bsdutils 1:2.11n-7 [39.5kB] > Get:2 http://ftp.de.debian.org stable/main debianutils 1.16.2woody1 [32.9kB] > Get:3 http://ftp.de.debian.org stable/main mount 2.11n-7 [99.3kB] > Get:4 http://ftp.de.debian.org stable/main util-linux 2.11n-7 [330kB] > Get:5 http://ftp.de.debian.org stable/main console-data 1999.08.29-24.2 > [869kB] > Get:6 http://ftp.de.debian.org stable/main nano 1.0.6-3 [184kB] > Get:7 http://ftp.de.debian.org stable/main procps 1:2.0.7-8.woody1 [145kB] > Get:8 http://ftp.de.debian.org stable/main procmail 3.22-5 [136kB] > Get:9 http://ftp.de.debian.org stable/main zlib1g-dev 1:1.1.4-1.0woody0 > [218kB] > Get:10 http://ftp.de.debian.org stable/main zlib1g 1:1.1.4-1.0woody0 [44.1kB] > Get:11 http://ftp.de.debian.org stable/main util-linux-locales 2.11n-7 [646kB] > > The packages are not from stable/updates but from stable/main. I'm > wondering if one of the people who cracked the servers managed to > smuggle something "interesting" into the archives. > > Or is this just 3.0r2-to-be? > > I'm always worried when I see updates for stable without an > announcement. > > Please enlighten me. ;-) Debian 3.0r2 is made from security updates at security.debian.org plus some important bugfixes from "proposed-updates" at ftp.debian.org. There are not DSA announcements for the latter but they are announced in debian-changes.
3.0r2 or hacked packages?
Hi! Last night my apt-get update ... oicked up a number of unexpected packages: The following packages will be upgraded bsdutils console-data debianutils mount nano procmail procps util-linux util-linux-locales zlib1g zlib1g-dev 11 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 2743kB of archives. After unpacking 96.3kB will be used. Get:1 http://ftp.de.debian.org stable/main bsdutils 1:2.11n-7 [39.5kB] Get:2 http://ftp.de.debian.org stable/main debianutils 1.16.2woody1 [32.9kB] Get:3 http://ftp.de.debian.org stable/main mount 2.11n-7 [99.3kB] Get:4 http://ftp.de.debian.org stable/main util-linux 2.11n-7 [330kB] Get:5 http://ftp.de.debian.org stable/main console-data 1999.08.29-24.2 [869kB] Get:6 http://ftp.de.debian.org stable/main nano 1.0.6-3 [184kB] Get:7 http://ftp.de.debian.org stable/main procps 1:2.0.7-8.woody1 [145kB] Get:8 http://ftp.de.debian.org stable/main procmail 3.22-5 [136kB] Get:9 http://ftp.de.debian.org stable/main zlib1g-dev 1:1.1.4-1.0woody0 [218kB] Get:10 http://ftp.de.debian.org stable/main zlib1g 1:1.1.4-1.0woody0 [44.1kB] Get:11 http://ftp.de.debian.org stable/main util-linux-locales 2.11n-7 [646kB] The packages are not from stable/updates but from stable/main. I'm wondering if one of the people who cracked the servers managed to smuggle something "interesting" into the archives. Or is this just 3.0r2-to-be? I'm always worried when I see updates for stable without an announcement. Please enlighten me. ;-) Thanks! Lupe Christoph PS: I'd like to compare these packages to the installed versions. How can I do that with the least amount of hassle? -- | [EMAIL PROTECTED] | http://www.lupe-christoph.de/ | | "Violence is the resort of the violent" Lu Tze | | "Thief of Time", Terry Pratchett |
Re: 3.0r2 or hacked packages?
On Sun, 23 Nov 2003, Lupe Christoph wrote: > Last night my apt-get update ... oicked up a number of unexpected > packages: > > The following packages will be upgraded > bsdutils console-data debianutils mount nano procmail procps util-linux > util-linux-locales zlib1g zlib1g-dev > 11 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > Need to get 2743kB of archives. After unpacking 96.3kB will be used. > Get:1 http://ftp.de.debian.org stable/main bsdutils 1:2.11n-7 [39.5kB] > Get:2 http://ftp.de.debian.org stable/main debianutils 1.16.2woody1 [32.9kB] > Get:3 http://ftp.de.debian.org stable/main mount 2.11n-7 [99.3kB] > Get:4 http://ftp.de.debian.org stable/main util-linux 2.11n-7 [330kB] > Get:5 http://ftp.de.debian.org stable/main console-data 1999.08.29-24.2 [869kB] > Get:6 http://ftp.de.debian.org stable/main nano 1.0.6-3 [184kB] > Get:7 http://ftp.de.debian.org stable/main procps 1:2.0.7-8.woody1 [145kB] > Get:8 http://ftp.de.debian.org stable/main procmail 3.22-5 [136kB] > Get:9 http://ftp.de.debian.org stable/main zlib1g-dev 1:1.1.4-1.0woody0 [218kB] > Get:10 http://ftp.de.debian.org stable/main zlib1g 1:1.1.4-1.0woody0 [44.1kB] > Get:11 http://ftp.de.debian.org stable/main util-linux-locales 2.11n-7 [646kB] > > The packages are not from stable/updates but from stable/main. I'm > wondering if one of the people who cracked the servers managed to > smuggle something "interesting" into the archives. > > Or is this just 3.0r2-to-be? > > I'm always worried when I see updates for stable without an > announcement. > > Please enlighten me. ;-) Debian 3.0r2 is made from security updates at security.debian.org plus some important bugfixes from "proposed-updates" at ftp.debian.org. There are not DSA announcements for the latter but they are announced in debian-changes. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
3.0r2 or hacked packages?
Hi! Last night my apt-get update ... oicked up a number of unexpected packages: The following packages will be upgraded bsdutils console-data debianutils mount nano procmail procps util-linux util-linux-locales zlib1g zlib1g-dev 11 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 2743kB of archives. After unpacking 96.3kB will be used. Get:1 http://ftp.de.debian.org stable/main bsdutils 1:2.11n-7 [39.5kB] Get:2 http://ftp.de.debian.org stable/main debianutils 1.16.2woody1 [32.9kB] Get:3 http://ftp.de.debian.org stable/main mount 2.11n-7 [99.3kB] Get:4 http://ftp.de.debian.org stable/main util-linux 2.11n-7 [330kB] Get:5 http://ftp.de.debian.org stable/main console-data 1999.08.29-24.2 [869kB] Get:6 http://ftp.de.debian.org stable/main nano 1.0.6-3 [184kB] Get:7 http://ftp.de.debian.org stable/main procps 1:2.0.7-8.woody1 [145kB] Get:8 http://ftp.de.debian.org stable/main procmail 3.22-5 [136kB] Get:9 http://ftp.de.debian.org stable/main zlib1g-dev 1:1.1.4-1.0woody0 [218kB] Get:10 http://ftp.de.debian.org stable/main zlib1g 1:1.1.4-1.0woody0 [44.1kB] Get:11 http://ftp.de.debian.org stable/main util-linux-locales 2.11n-7 [646kB] The packages are not from stable/updates but from stable/main. I'm wondering if one of the people who cracked the servers managed to smuggle something "interesting" into the archives. Or is this just 3.0r2-to-be? I'm always worried when I see updates for stable without an announcement. Please enlighten me. ;-) Thanks! Lupe Christoph PS: I'd like to compare these packages to the installed versions. How can I do that with the least amount of hassle? -- | [EMAIL PROTECTED] | http://www.lupe-christoph.de/ | | "Violence is the resort of the violent" Lu Tze | | "Thief of Time", Terry Pratchett | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]