Bug#1012174: Inconsistent advice wrt security archive

To: 1012174@bugs.debian.org
Subject: Bug#1012174: Inconsistent advice wrt security archive
From: Richard Lewis <richard.lewis.debian@googlemail.com>
Date: Mon, 1 May 2023 15:26:18 +0100
Message-id: <[🔎] CAJ3BuoR8OC5BuGXfwEzh8Lg3ZHDP9X+uRPvOTQSNqGUsa-56Qw@mail.gmail.com>
Reply-to: Richard Lewis <richard.lewis.debian@googlemail.com>, 1012174@bugs.debian.org
References: <YpYJfwk2EkgriXCX@persil.tilapin.org>

On Tue, 31 May 2022 16:13:27 +0100 Brian Potkin <claremont102@gmail.com> wrote:
> On Tue 31 May 2022 at 14:58:00 +0200, Julien Cristau wrote:
> > On Tue, May 31, 2022 at 02:26:39PM +0200, David Prévot wrote:

> > > The [errata] advises one to use
> > >
> > >   deb http://security.debian.org/debian-security bullseye-security main contrib non-free
> > >
> > > while the [release-notes] advises
> > >
> > >   deb https://deb.debian.org/debian-security bullseye-security main contrib

> > >   errata: https://www.debian.org/releases/stable/errata#security
> > >   release-notes: https://www.debian.org/releases/stable/amd64/release-notes/ch-information#security-archive
> > >
> > The release-notes version is preferred, as far as scheme and hostname.
>
> There appears to be a consensus in favour of https. For example:
>
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992692#37

In release-notes the only http:// i could find was in en/upgrading.dbk
(apart from inside xmlns markup)
https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/160
has just been submitted to update this to https

I dont think the 'errata' page above is in the release-notes repository (?)

Reply to:

Follow-Ups:
- Bug#1012174: Inconsistent advice wrt security archive
  - From: Paul Gevers <elbrus@debian.org>

Next by Date: Problemi con laserjet office
Next by thread: Bug#1012174: Inconsistent advice wrt security archive
Index(es):
- Date
- Thread