Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-24 Thread KatolaZ
On Thu, Jan 24, 2019 at 01:13:31PM +0100, Alexander Bochmann wrote: > ...on Wed, Jan 23, 2019 at 11:54:10PM +0100, KatolaZ wrote: > > > explained in the email I forwarded. Or, if you trust Devuan, to use > > pkgmaster.devuan.org in your sources.list (that one is the master > > Devuan repo, and

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-24 Thread Alexander Bochmann
...on Wed, Jan 23, 2019 at 11:54:10PM +0100, KatolaZ wrote: > explained in the email I forwarded. Or, if you trust Devuan, to use > pkgmaster.devuan.org in your sources.list (that one is the master > Devuan repo, and is on a machine to which only a reduced number of Using the usual

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread Florian Zieboll
On Thu, 24 Jan 2019 00:58:27 +0100 KatolaZ wrote: > On Thu, Jan 24, 2019 at 12:28:35AM +0100, Florian Zieboll wrote: > > On 23 January 2019 at 23:54:10 CET, KatolaZ wrote > > : > [...] > > > > Hello Katolaz, > > > > thank you for the quick clarification, I got it and was just about > > to

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread KatolaZ
On Thu, Jan 24, 2019 at 12:28:35AM +0100, Florian Zieboll wrote: > On 23 January 2019 at 23:54:10 CET, KatolaZ wrote: > > > No Florian, there is no "not-redirecting" repository in Devuan. Any > > Devuan repo will redirect to the corresponding Debian repo for all the > > packages that have not been

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread Florian Zieboll
On 23 January 2019 at 23:54:10 CET, KatolaZ wrote: > No Florian, there is no "not-redirecting" repository in Devuan. Any > Devuan repo will redirect to the corresponding Debian repo for all the > packages that have not been forked by Debian, so you can't set > AllowRedirect to false. > > The

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread KatolaZ
On Wed, Jan 23, 2019 at 11:42:15PM +0100, Florian Zieboll wrote: > On 22 January 2019 at 16:24:40 CET, KatolaZ wrote: > > > use pkgmaster.devuan.org in your sources.list to do > > the upgrade > > > If I understand the bug report correctly, it is not sufficient to change the > repository to a

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread Florian Zieboll
On 22 January 2019 at 16:24:40 CET, KatolaZ wrote: > use pkgmaster.devuan.org in your sources.list to do > the upgrade If I understand the bug report correctly, it is not sufficient to change the repository to a not redirecting one, but it is also necessary to add the

Re: [DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-23 Thread Mark Hindley
On Tue, Jan 22, 2019 at 04:24:40PM +0100, KatolaZ wrote: > The full DSA is available below, and the corresponding CVE is at: > > https://security-tracker.debian.org/tracker/CVE-2019-3462 > > The safest way would actually be to manually download the deb packages > of apt from the

[DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]

2019-01-22 Thread KatolaZ
Dear D1rs, a quite important security hole has been discovered (and patched) in apt. The hole allows remote code execution upon http redirects through malicious mirrors. Since Devuan repos are based on redirects, we urge everybody to upgrade the "apt" package. The full DSA is available below,