[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security updates are untrusted

Brian <ad44@cityscape.co.uk> writes:

> On Thu 24 Apr 2014 at 14:58:52 -0700, Carl Johnson wrote:
>> I was just noticing that aptitude warns that a number of packages are
>> listed as untrusted.  I checked using 'apt-cache policy' and those
> May we see the output that aptitude displays to you?

Sorry, I should have sent that first.  When using the curses interface
of aptitude it shows this before the package description of pidgin:
  WARNING: This version of pidgin is from an untrusted source!  Installing this
           package could allow a malicious individual to damage or take control
           of your system.
That warning only shows on a few packages, and it only appears to be
some of the security releases.

The ouput of 'apt-cache policy pidgin' is:
  Installed: (none)
  Candidate: 2.10.9-1~deb7u1
  Version table:
     2.10.9-1~deb7u1 0
        500 http://security.debian.org/ wheezy/updates/main amd64 Packages
     2.10.6-3 0
        500 http://debian.osuosl.org/debian/ wheezy/main amd64 Packages

I also should have mentioned that I am using Wheezy and have nothing
pinned.  The lines from apt-sources are:
deb http://debian.osuosl.org/debian/ wheezy main contrib non-free
deb http://security.debian.org/ wheezy/updates main contrib non-free
deb http://debian.osuosl.org/debian/ wheezy-updates main contrib non-free
deb http://archive.zfsonlinux.org/debian wheezy main

I just now told aptitude to do an update, and it appears that all of
those have disappeared now!  Maybe I had gotten a bad update the last
time I had updated.

Sorry for the false alarm and thanks for the reply.
Carl Johnson		carlj@peak.org

Reply to: