Package: www.debian.org,release-notes Severity: normal X-Debbugs-Cc: team@security.debian.org Hi teams, The [errata] advises one to use deb http://security.debian.org/debian-security bullseye-security main contrib non-free while the [release-notes] advises deb https://deb.debian.org/debian-security bullseye-security main contrib Even if both will have the same result (the last time a non-free package was uploaded to the security archive may have been during Etch), having two different official advice makes it difficult in some situation (“what should we actually use?”). Is the use of HTTPS via deb.d.o preferable over HTTP via security.d.o? If so maybe the errata should be updated, if it’s the other way around, the realease-notes should be updated. errata: https://www.debian.org/releases/stable/errata#security release-notes: https://www.debian.org/releases/stable/amd64/release-notes/ch-information#security-archive Regards David
Attachment:
signature.asc
Description: PGP signature