Re: APT vulnerability [DSA 4371-1]
On 1/22/19 3:43 PM, Evgeny Kapun wrote:
> On 22.01.2019 16:59, Vladislav Kurz wrote:
>> Hello everybody,
>> I'm also encountering many errors when using
>> apt -o Acquire::http::AllowRedirect=false update
>> apt -o Acquire::http::AllowRedirect=false upgrade
>> As written in announcement: This is known to break some proxies when
>> used against security.debian.org.
>> However I do not use proxy at all. I have problems with jessie/updates,
>> cdn.debian.net, and http.debian.net
> Try these URLs: http://cdn-fastly.deb.debian.org/debian,
> http://cdn-fastly.deb.debian.org/debian-security. The domains
> cdn.debian.net and http.debian.net are deprecated, use deb.debian.org
Thanks for this info. It seems that jessie needs the above direct URL to
fastly even if not behind proxy (can't use SRV records).