Re: (solved)Re: can't install jmtpfs of stretch(i386)

[Pascal Hambourg <pascal@plouf.fr.eu.org>]

Le 05/08/2018 à 14:24, Long Wind a écrit :
>   Sorry, it seems that default behavior of yahoo mail is top post

Can't you move the cursor below the quoted text ?

> yes, i've comment out all sources in sources.list except
> http://ftp.se.debian.org/debian stretch main

Why ? You don't get security updates any more, and since you already got 
some security updates, you may face the dependency problem again until 
all installed security updates eventually get included in the main 
archive (at the next point release).

>      On Sunday, August 5, 2018, 8:05:45 PM GMT+8, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
>   
>   Please don't top post, it makes it harder to read and reply.
>
> Le 05/08/2018 à 13:52, Long Wind a écrit :
> >    fuse:
> >      Installed: 2.9.7-1
> >      Candidate: 2.9.7-1
> >      Version table:
> >     *** 2.9.7-1 500
> >            500 http://ftp.se.debian.org/debian stretch/main i386 Packages
> >            100 /var/lib/dpkg/status
> > libfuse2:
> >      Installed: 2.9.7-1
> >      Candidate: 2.9.7-1
> >      Version table:
> >     *** 2.9.7-1 500
> >            500 http://ftp.se.debian.org/debian stretch/main i386 Packages
> >            100 /var/lib/dpkg/status
>
> As expected, you actually downgraded fuse to the version affected by the
> vulnerability exposed in DSA-4257-1.
> The reason is probably that there is no more security mirror declared in
> your sources.list. Otherwise apt-cache would show the versions available
> on this mirror. So you do not get security updates any more.