Long, it’s much safer to generate a new sources.list without security, please give it a try. I recommend leaving Fast Server Select on.
https://debgen.simplylinux.ch
Pascal, top reply is the default on many clients and web mail. I’m on my iPhone using MS Outlook and it doesn’t let you choose where to put the cursor relative to the reply text.
From: Pascal Hambourg <pascal@plouf.fr.eu.org>
Sent: Sunday, August 5, 2018 8:50 AM
To: debian-user@lists.debian.org
Subject: Re: (solved)Re: can't install jmtpfs of stretch(i386)
Le 05/08/2018 à 14:24, Long Wind a écrit :
> Sorry, it seems that default behavior of yahoo mail is top post
Can't you move the cursor below the quoted text ?
> yes, i've comment out all sources in sources.list except
> http://ftp.se.debian.org/debian stretch main
Why ? You don't get security updates any more, and since you already got
some security updates, you may face the dependency problem again until
all installed security updates eventually get included in the main
archive (at the next point release).
> On Sunday, August 5, 2018, 8:05:45 PM GMT+8, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
>
> Please don't top post, it makes it harder to read and reply.
>
> Le 05/08/2018 à 13:52, Long Wind a écrit :
>> fuse:
>> Installed: 2.9.7-1
>> Candidate: 2.9.7-1
>> Version table:
>> *** 2.9.7-1 500
>> 500 http://ftp.se.debian.org/debian stretch/main i386 Packages
>> 100 /var/lib/dpkg/status
>> libfuse2:
>> Installed: 2.9.7-1
>> Candidate: 2.9.7-1
>> Version table:
>> *** 2.9.7-1 500
>> 500 http://ftp.se.debian.org/debian stretch/main i386 Packages
>> 100 /var/lib/dpkg/status
>
> As expected, you actually downgraded fuse to the version affected by the
> vulnerability exposed in DSA-4257-1.
> The reason is probably that there is no more security mirror declared in
> your sources.list. Otherwise apt-cache would show the versions available
> on this mirror. So you do not get security updates any more.