Fwd: updating debian warnings

[Steve Greig <greigsteve@gmail.com>]

---------- Forwarded message ----------
From: Steve Greig <greigsteve@gmail.com>
Date: Tue, Jun 16, 2015 at 8:43 AM
Subject: Re: updating debian warnings
To: Brian <ad44@cityscape.co.uk>

Thanks for you responses. I have posted contents of etc/apt/sources.list followed by output from dpkg -l debian-archive-keyring below:

# deb cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official amd64 kde-CD Binary-1 20130615-23:04]/ wheezy main

deb cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official amd64 kde-CD Binary-1 20130615-23:04]/ wheezy main

deb http://ftp.uk.debian.org/debian/ wheezy main
deb-src http://ftp.uk.debian.org/debian/ wheezy main

deb http://security.debian.org/ wheezy/updates main
deb-src http://security.debian.org/ wheezy/updates main

# wheezy-updates, previously known as 'volatile'
deb http://ftp.uk.debian.org/debian/ wheezy-updates main
deb-src http://ftp.uk.debian.org/debian/ wheezy-updates main

deb http://repository.spotify.com stable non-free

AND:

steve@debian:~$ dpkg -l debian-archive-keyring
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name               Version        Architecture   Description
+++-==================-==============-==============-=========================================
ii  debian-archive-key 2012.4         all            GnuPG archive keys of the Debian archive
steve@debian:~$

On Tue, Jun 16, 2015 at 12:33 AM, Brian <ad44@cityscape.co.uk> wrote:

On Mon 15 Jun 2015 at 23:44:50 +0100, Lisi Reisz wrote:

> On Monday 15 June 2015 23:01:05 Steve Greig wrote:
> > I tried to update debian (my first time) and Apper quickly warned me that I
> > was about to install unsigned packages and that it was impossible to verify
> > if they came from a trusted source: Do you want to continue? I decided to
> > take a risk and clicked 'yes'. This led to another warning window requiring
> > me to reenter my password. At this point I bottled out and cancelled the
> > update.
> >
> > I would have thought that only trusted software would be put into the
> > updates so was surprised by this and would like to ask for a bit of
> > explanation and also advice on how to proceed.
>
> What have you got in your sources list?

He could also post what he gets for

  dpkg -l debian-archive-keyring

while he at it.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: [🔎] 16062015003212.c59630f01b34@desktop.copernicus.demon.co.uk" rel="noreferrer" target="_blank">https://lists.debian.org/[🔎] 16062015003212.c59630f01b34@desktop.copernicus.demon.co.uk