On Sun, Aug 07, 2011 at 04:22:25PM +0100, Nick Leverton wrote: > On Thu, Aug 04, 2011 at 06:59:06PM +0100, Mark Hindley wrote: > > OK, this is deliberate. I wasn't aware valid repository URLs > > could/should include /../, so they are rejected as a security check. > > > > Why are you using that rather than > > http://ftp.uk.debian.org/debian/project/experimental/Release ? > > Hi Mark, > > I've been using that format since Woody days, when IIRC it was the > recommended way to do it. I didn't realise it's not needed any more > but I've now changed to use: > deb http://proxy:9999/ftp.uk.debian.org/debian experimental main contrib > non-free > > I agree stopping double-dots in URLs is good to reduce potential for proxy > abuse.
I will put a note in the NEWS so that other folk with this config get a warnings. Thanks Mark -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
