[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#743892: please include security.debian.org in sources.list

The AWS ELB servers are apparently vulnerable, too, so don't update
your SSL certs on ELB until they are confirmed fixed.


On Mon, Apr 7, 2014 at 5:48 PM, Jonathan Landis <jkl@calibersecurity.com> wrote:
> Package: cloud.debian.org
> The heartbleed bug has created a situation in which servers must be upgraded
> immediately. At the moment the default mirrors listed in the Debian Wheezy
> AMI image don't have the patches yet, but security.debian.org does. So users
> of the existing image have to update sources.list on each of their servers
> if they want to get patched ASAP.
> Is there any reason not to include security.debian.org in sources.list by
> default?
> --
> To UNSUBSCRIBE, email to debian-cloud-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> Archive: [🔎] 53434779.2010007@calibersecurity.com">https://lists.debian.org/[🔎] 53434779.2010007@calibersecurity.com

Reply to: