Hi,
On Wed, Jan 13, 2016 at 09:57:52PM +0100, Antoine Amarilli wrote:
> It is annoying to get spam from cron because of this issue, I already
> edited the script to fix this, but it would be great if a fix could be
> pushed.
>
> That said, while the proposed patch is the correct way to replace the
> deprecated option by the equivalent options suggested by the man, I'm a
> bit surprised to see --allow-remove-essential here. I'm not sure about
> the context, but from the manpage, it looks like this is potentially
> dangerous, and I don't see why it is a good idea here. Same remark for
> --allow-unauthenticated given on the same line and elsewhere in the
> apticron script, it looks like this could be a security risk.
I'm coming back to my Debian work after some time in VAC, sorry for the
delay.
Regarding the --allow-unauthenticated, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741483#10
Now that --force-yes is deprecated I hope we'll be able to fix that
issue. I'll take a look and come back soon with the news.
Bests,
--
tiago
