Re: APT vulnerability [DSA 4371-1]

To: debian-security@lists.debian.org
Subject: Re: APT vulnerability [DSA 4371-1]
From: Vladislav Kurz <vladislav.kurz@webstep.net>
Date: Tue, 22 Jan 2019 17:34:46 +0100
Message-id: <[🔎] 9fcd721b-3853-3631-7316-4066093001eb@webstep.net>
In-reply-to: <[🔎] 5bd7beff-fc90-7ed4-06c3-73af8653b21d@gmail.com>
References: <[🔎] 854d86d2-663a-07ae-be4a-5ad4a5c0164b@webstep.net> <[🔎] 5bd7beff-fc90-7ed4-06c3-73af8653b21d@gmail.com>

On 1/22/19 3:43 PM, Evgeny Kapun wrote:
> On 22.01.2019 16:59, Vladislav Kurz wrote:
>> Hello everybody,
>>
>> I'm also encountering many errors when using
>>   apt -o Acquire::http::AllowRedirect=false update
>>   apt -o Acquire::http::AllowRedirect=false upgrade
>>
>> As written in announcement: This is known to break some proxies when
>> used against security.debian.org.
>>
>> However I do not use proxy at all. I have problems with jessie/updates,
>> cdn.debian.net, and http.debian.net
> 
> Try these URLs: http://cdn-fastly.deb.debian.org/debian,
> http://cdn-fastly.deb.debian.org/debian-security. The domains
> cdn.debian.net and http.debian.net are deprecated, use deb.debian.org
> instead.

Thanks for this info. It seems that jessie needs the above direct URL to
fastly even if not behind proxy (can't use SRV records).


-- 
Best Regards
        Vladislav Kurz

Reply to:

References:
- APT vulnerability [DSA 4371-1]
  - From: Vladislav Kurz <vladislav.kurz@webstep.net>
- Re: APT vulnerability [DSA 4371-1]
  - From: Evgeny Kapun <abacabadabacaba@gmail.com>

Prev by Date: Re: APT vulnerability [DSA 4371-1]
Next by Date: Upcoming stable point release (9.7)
Previous by thread: Re: APT vulnerability [DSA 4371-1]
Next by thread: Upcoming stable point release (9.7)
Index(es):
- Date
- Thread