[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#153556: marked as done (packages.debian.org should redirect to security.debian.org as appropriate)

Your message dated Mon, 24 Mar 2003 16:09:41 +0100
with message-id <20030324150941.GJ25255@prvidomaci.srce.hr>
and subject line Fixed
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 19 Jul 2002 11:52:47 +0000
>From era@[] Fri Jul 19 06:52:46 2002
Return-path: <era@[]>
Received: from rhols66.adsl.netsonic.fi (there) [] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17VWJP-0005xF-00; Fri, 19 Jul 2002 06:52:43 -0500
Received: from era by there with local (Exim 3.12 #1 (Debian))
	id 17VWJN-0000Yl-00
	for <submit@bugs.debian.org>; Fri, 19 Jul 2002 14:52:41 +0300
From: era eriksson <era@iki.fi>
Subject: www.debian.org: Should redirect to security.debian.org for downloads when applicable
To: submit@bugs.debian.org
X-Mailer: bug 3.2.10
X-Debbugs-Cc: era+debian@iki.fi
Message-Id: <E17VWJN-0000Yl-00@there>
Sender: era eriksson <era@[]>
Date: Fri, 19 Jul 2002 14:52:41 +0300
Delivered-To: submit@bugs.debian.org

Package: www.debian.org
Version: 20020719
Severity: grave

I just noticed that the search engine on packages.debian.org does not
get me the latest security patches.

For example, attempting to download the latest cipe-source gets me
1.3.0-2 although this has a known security problem which is fixed in
cipe-1.3.0-3 which is available from security.debian.org.

I realize that not many people are using the search engine to do
actual downloads anymore, what with apt-get and all that, but this is
nevertheless IMHO a security flaw in the system.

/* era */

-- System Information
Debian Release: 2.2
Kernel Version: Linux there 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown

Received: (at 153556-done) by bugs.debian.org; 24 Mar 2003 15:09:43 +0000
>From joy@srce.hr Mon Mar 24 09:09:42 2003
Return-path: <joy@srce.hr>
Received: from prvidomaci.srce.hr [] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 18xTa2-0001t2-00; Mon, 24 Mar 2003 09:09:42 -0600
Received: from joy by prvidomaci.srce.hr with local (Exim 3.36 #1 (Debian))
	id 18xTa1-0007eL-00
	for <153556-done@bugs.debian.org>; Mon, 24 Mar 2003 16:09:41 +0100
Date: Mon, 24 Mar 2003 16:09:41 +0100
To: 153556-done@bugs.debian.org
Subject: Fixed
Message-ID: <20030324150941.GJ25255@prvidomaci.srce.hr>
References: <[🔎] 20030323192333.GB211@ftbfs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[🔎] 20030323192333.GB211@ftbfs.org>
User-Agent: Mutt/1.5.4i
From: Josip Rodin <joy@srce.hr>
Delivered-To: 153556-done@bugs.debian.org
X-Spam-Status: No, hits=-2.5 required=4.0


I've applied Matt Kraai's patch which adds support for security.debian.org
in packages.debian.org, fixed broken things (among other things, for some
reason Perl didn't like -s vs. -S, it handled them case-insensitively),
added missing things, and there we go. :)

Thanks to Era for reporting and of course thanks to Matt for making an
initial patch.

Now if only we had official security.d.o mirrors... download.pl output
looks somewhat sad. :)

     2. That which causes joy or happiness.

Reply to: