Re: Re: [SECURITY] [DSA 4371-1] apt security update
Thanks a lot Yves-Alexis for reply and advice!
> Also it's likely that
> you need to ask this to Raspbian, not Debian.
Please give me a 2.nd try in this list. If it will become obviosly to be
a problem of Raspbian I will change to them.
> It would help to paste the exact error messages.
The command "sudo apt -o Acquire::http::AllowRedirect=false update" ran
fine.
By apt "list --upgradable" these 5 packages are displayed:
apt/stable 1.4.9 armhf [upgradable from: 1.4.8]
apt-transport-https/stable 1.4.9 armhf [upgradable from: 1.4.8]
apt-utils/stable 1.4.9 armhf [upgradable from: 1.4.8]
libapt-inst2.0/stable 1.4.9 armhf [upgradable from: 1.4.8]
libapt-pkg5.0/stable 1.4.9 armhf [upgradable from: 1.4.8]
But by sudo "apt -o Acquire::http::AllowRedirect=false upgrade"
I always got the following error messages after my confirm to install:
Err:1 http://raspbian.raspberrypi.org/raspbian stretch/main armhf
libapt-pkg5.0 armhf 1.4.9
302 Found [IP: 93.93.128.193 80]
Err:2 http://raspbian.raspberrypi.org/raspbian stretch/main armhf
libapt-inst2.0 armhf 1.4.9
302 Found [IP: 93.93.128.193 80]
Err:3 http://raspbian.raspberrypi.org/raspbian stretch/main armhf apt
armhf 1.4.9
302 Found [IP: 93.93.128.193 80]
Err:4 http://raspbian.raspberrypi.org/raspbian stretch/main armhf
apt-utils armhf 1.4.9
302 Found [IP: 93.93.128.193 80]
Err:5 http://raspbian.raspberrypi.org/raspbian stretch/main armhf
apt-transport-https armhf 1.4.9
302 Found [IP: 93.93.128.193 80]
E: Failed to fetch
http://raspbian.raspberrypi.org/raspbian/pool/main/a/apt/libapt-pkg5.0_1.4.9_armhf.deb
302 Found [IP: 93.93.128.193 80]
E: Failed to fetch
http://raspbian.raspberrypi.org/raspbian/pool/main/a/apt/libapt-inst2.0_1.4.9_armhf.deb
302 Found [IP: 93.93.128.193 80]
E: Failed to fetch
http://raspbian.raspberrypi.org/raspbian/pool/main/a/apt/apt_1.4.9_armhf.deb
302 Found [IP: 93.93.128.193 80]
E: Failed to fetch
http://raspbian.raspberrypi.org/raspbian/pool/main/a/apt/apt-utils_1.4.9_armhf.deb
302 Found [IP: 93.93.128.193 80]
E: Failed to fetch
http://raspbian.raspberrypi.org/raspbian/pool/main/a/apt/apt-transport-https_1.4.9_armhf.deb
302 Found [IP: 93.93.128.193 80]
E: Unable to fetch some archives, maybe run apt-get update or try with
--fix-missing?
I tried to use a command with --fix-missing but this didn't work. Maybe
I used the wrong syntax.
> Can you provide the links you used and the hash it gives you locally?
This was a second problem when I tried to solve it by manual
instalaltion. For the downloads I used the links you have posted and
found some dismatched hashes in these files:
apt-dbgsym_1.4.9_armhf.deb
Local Hash =
734604633a87aac1b6bdf1ded6ed9a398122be8654690e6acc9a195c3d6dab14
apt-utils-dbgsym_1.4.9_armhf.deb -
Local Hash =
42b07cdf359a7dcca06533bb3672039b62cd850a3f65d63f9a92ed6ed20537f1
libapt-inst2.0-dbgsym_1.4.9_armhf.deb
Local Hash =
35044d57c7832041eb212fdab5893dc168b25ab4f7f6f50e00a471ac9f7213dc
libapt-pkg5.0-dbgsym_1.4.9_armhf.deb
Local Hash =
d4e59e53e471b11c2bcd1ecf39f71bb50214b97ba492ba7b767301816266ce37
But meanwhile I see that I don't need those files because they are
obviosly not displayed by apt --upgradable list.
And the hashes for the 5 needed packages seem to match.
> Try dpkg - -l |grep apt
dpkg --list |grep apt worked for me.
That's the result:
ii apt 1.4.8 armhf
commandline package manager
ii apt-listchanges 3.10 all
package change history notification tool
ii apt-transport-https 1.4.8 armhf
https download transport for APT
ii apt-utils 1.4.8 armhf
package management related utility programs
ii aptitude 0.8.7-1 armhf
terminal-based package manager
ii aptitude-common 0.8.7-1 all
architecture independent files for the aptitude package manager
ii firmware-realtek 1:20161130-3+rpt4 all
Binary firmware for Realtek wired/wifi/BT adapters
ii libapt-inst2.0:armhf 1.4.8 armhf
deb package format runtime library
ii libapt-pkg5.0:armhf 1.4.8 armhf
package management runtime library
ii python-apt-common 1.1.0~beta5 all
Python interface to libapt-pkg (locales)
ii python3-apt 1.1.0~beta5 armhf
Besides according to your recommendation I tried this too:
deb http://cdn-fastly.deb.debian.org/debian-security stable/updates main
in /etc/apt/sources.list.
But running an update command an error showed up that the key doesn't
match, so this failed too.
So please let me know - what is your conclusion?
It's a question for Raspbian - and I should ask there now?
Or can I install the 5 upgrade files qouted above manually without
greater danger of a system crash? What do you recommend to be the very
next step?
Thank you in advance.
Edgar
Reply to: