[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#743892: please include security.debian.org in sources.list

The AWS ELB servers are apparently vulnerable, too, so don't update
your SSL certs on ELB until they are confirmed fixed.

https://forums.aws.amazon.com/thread.jspa?threadID=149690&tstart=0

On Mon, Apr 7, 2014 at 5:48 PM, Jonathan Landis <jkl@calibersecurity.com> wrote:
> Package: cloud.debian.org
>
> The heartbleed bug has created a situation in which servers must be upgraded
> immediately. At the moment the default mirrors listed in the Debian Wheezy
> AMI image don't have the patches yet, but security.debian.org does. So users
> of the existing image have to update sources.list on each of their servers
> if they want to get patched ASAP.
>
> Is there any reason not to include security.debian.org in sources.list by
> default?
>
>
> --
> To UNSUBSCRIBE, email to debian-cloud-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> Archive: [🔎] 53434779.2010007@calibersecurity.com">https://lists.debian.org/[🔎] 53434779.2010007@calibersecurity.com
>
Reply to: