[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1012174: marked as done (Inconsistent advice wrt security archive)



Your message dated Mon, 23 Dec 2024 15:25:55 +0000
with message-id <CAJ3BuoQ_i01KuQEDiwO-jGZ=3YbeUdpnsDnf8o2fUTRT=e70_Q@mail.gmail.com>
and subject line Re: Bug#1012174: Inconsistent advice wrt security archive
has caused the Debian Bug report #1012174,
regarding Inconsistent advice wrt security archive
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1012174: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012174
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: www.debian.org,release-notes
Severity: normal
X-Debbugs-Cc: team@security.debian.org

Hi teams,

The [errata] advises one to use 

  deb http://security.debian.org/debian-security bullseye-security main contrib non-free

while the [release-notes] advises

  deb https://deb.debian.org/debian-security bullseye-security main contrib

Even if both will have the same result (the last time a non-free package
was uploaded to the security archive may have been during Etch), having
two different official advice makes it difficult in some situation
(“what should we actually use?”). Is the use of HTTPS via deb.d.o
preferable over HTTP via security.d.o? If so maybe the errata should be
updated, if it’s the other way around, the realease-notes should be
updated.

  errata: https://www.debian.org/releases/stable/errata#security
  release-notes: https://www.debian.org/releases/stable/amd64/release-notes/ch-information#security-archive

Regards

David

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message ---
On Mon, 8 May 2023 09:42:02 +0100 Richard Lewis
<richard.lewis.debian@googlemail.com> wrote:
> On Wed, 3 May 2023 21:52:47 +0200 Paul Gevers <elbrus@debian.org> wrote:
> > Hi Richard,
> >
> > On 01-05-2023 16:26, Richard Lewis wrote:
> > > I dont think the 'errata' page above is in the release-notes repository (?)
> >
> > That's correct, but that's also why the original reporter filed the bug
> > against both www.debian.org and release-notes.
>
> thanks - didn't know that was even a possibility!
>
> > It lives here:
> > https://salsa.debian.org/webmaster-team/webwml/-/blob/master/english/releases/bookworm/errata.wml
>
> MR for that file submitted @
> https://salsa.debian.org/webmaster-team/webwml/-/merge_requests/903

This MR was merged, (and release-notes was already updated) so this
bug can be closed

--- End Message ---

Reply to: