Re: Security Updates
On Wed, Aug 31, 2016 at 06:04:34AM -0700, Larry Dighera wrote:
> On Tue, 30 Aug 2016 20:44:27 +0000, "Andrew M.A. Cater"
> <amacater@galactic.demon.co.uk> wrote:
>
> >On Tue, Aug 30, 2016 at 12:58:47PM -0700, Larry Dighera wrote:
> >>
> >> This page <https://www.debian.org/releases/stable/errata> states:
> >>
> >> "If you use APT, add the following line to /etc/apt/sources.list to be able
> >> to access the latest security updates:
> >>
> >> deb http://security.debian.org/ jessie/updates main contrib non-free
> >>
> >> After that, run apt-get update followed by apt-get upgrade."
> >>
> >> Adding that entry to /etc/apt/sources.list on the Raspberry Pi3 running Debian
> >> Jessie results in an error message indicating that the public key is not found.
> >> It also finds two libraries that require updating that are not found when the
> >> above mentioned /etc/apt/sources.list entry is removed.
> >>
> >> 1. What do I need to do to prevent the error message?
> >>
> >> 2. As there are other security related URLs (doubtless, as
> >> distributed/released) that are checked during apt-get update, is the
> >> recommended additional entry advisable/useful for this platform?
> >
> >Debian or Raspbian?
> >
> >If Raspbian - that's based very closely on Debian but isn't strictly Debian.
> >
> >Mixing the two might not be a good idea since there will probably be incompatibilities at some level.
> >
> >There is a port of pure Debian to the Pi 2 - look on the Debian wiki - but no one has yet done this for the Pi 3 as far as I know.
> >
> >[The original Pi required different compilation options to cope with floating point "stuff" which rendered Debian incompatible:
> >Raspbian is a re-compilation to suit the Raspberry Pi. Pi 2 is ARM v7 with hardware floating point. Pi 3 is 64 bit core (so arm64 would work if
> >the Pi folk hadn't put in 32 bit glue logic or thereabouts). There are also issues with the way of loading the operating system, initialising video
> >and non-free firmware which can cause problems.]
> >
> >All the best,
> >
> >AndyC
>
>
>
> Hello Andy,
>
> I thought I made it clear that the OS was Debian Jessie. It was installed from
> the NOOBS release: <https://www.raspberrypi.org/downloads/noobs/>. As you can
> see from this article
> <https://www.raspberrypi.org/blog/raspbian-jessie-is-here/>, Debian Jessie was
> released for the Raspberry Pi platform almost a year ago, September 2015.
>
> Have you any insight into how to overcome the ;public key not found; error
> message adding that security repository to the apt list, as stated on the
> Debian.org web site, may be resolved?
>
> Thank you for your response.
>
> Best regards,
> Larry
>
Hi Larry,
That's Raspbian - NOOBS installs Raspbian.
As Lisi Reisz has stated to you in another email: Raspbian handle their own security updates.
If you want to add the keys to the Debian security updates repository you can use an apt-key add command and the key available from http://ftp-master.debian.org/keys.html
[The main archive signing key is also used to sign the security updates].
Be aware that you might create problems for yourself.
You may well want to look at the Debian Administrators handbook - you can try apt-get install debian-handbook if the package is also available for Raspbian.
Hope this helps,
Al the very best,
AndyC
[Copying to the list as this may be of more use more widely]
Reply to: