Re: [SECURITY] [DSA 4371-1] apt security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, 2019-01-24 at 15:08 +0100, Edgar Remmel wrote:
> Hello,
Hi Edgar,
adding debian-security mailing list since it's the proper place to ask about
his.
>
> the above security update was linked by a security forum.
>
> As the commands worked fine for my Linux system the upgrade command
> failed on my Raspberry Pi 3 (OS Rasbian lite based on Stretch stable)
> because unable to find the packages.
It would help to paste the exact error messages. But it's likely that your
sources use redirect and is thus broken by the option. Also it's likely that
you need to ask this to Raspbian, not Debian.
>
> I downloaded the 11 files for armhf architecture to install them
> manually. But suprisingly for 4 files the hashes don't match:
>
> apt-dbgsym_1.4.9_armhf.deb
>
> apt-utils-dbgsym_1.4.9_armhf.deb
>
> libapt-inst2.0-dbgsym_1.4.9_armhf.deb
>
> libapt-pkg5.0-dbgsym_1.4.9_armhf.deb
Can you provide the links you used and the hash it gives you locally? My
feeling is that you try to download Raspbian packages which have been rebuilt
and thus you need to look at a Raspbian advisory.
>
> Can I install the Architecutre independet files instead and do I need
> the Source archives for installing working correctly?
> possbl
You only need the updated version of the packages you already have. Try dpkg
- -l |grep apt to get that list.
Regards,
- --
Yves-Alexis
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlxJzc0ACgkQ3rYcyPpX
RFuJ9Qf+JL5i3rpshbjA0qPkEK2sI+E2h3jlXQv71gbkxJL9TRIRN+gyvgnMjF6o
Lg8IcOuebNlBf3mvMwpW++5fF5Mjrar3/BRXv/LvE+kww2tpvxdu8qb/XVAJ5WpZ
MWfbyHLOqcrB9GWuk5llFpMbLM8Ay+tL7WQI7b8ulLUgocf6CuxwPOA+f8r2jJHv
nvEtTn0sg99gIjB7xsOMBwgezX4PPMO4AZuop4j7qWD3xqmgkc9TT/NoZeM3FufG
/fA86k76LeatCxWkqahMV+K1i6dm9v6CkPOrWGyaSVYBi12/psJPo5q1MKeoO1qk
00Bzx7psFdl5n6DABCOIcuhatsRoJA==
=RCyT
-----END PGP SIGNATURE-----
Reply to: