Package: lxc-templates Version: 3.0.4-3 Severity: serious File: /usr/share/lxc/templates/lxc-debian User: debian-de...@lists.debian.org Usertags: bullseye-security
With the release of Debian bullseye and later, security updates are
provided in the bullseye-security suite instead of bullseye/updates.
The lxc-debian script appears to write an apt sources.list that will
not provide security updates for sources.list scripts created in order
to cater to Debian bullseye images. I suggest that this script check
the version of the Debian release in question using distro-info and
then if the release is 11 or higher, then use $release-security
otherwise use $release/updates as before. It is much better to use
distro-info than to hard-code the release version numbers. It might
even be a good idea to include the security suite information in
distro-info itself and look it up from there.
$ grep -A3 -B23 /updates /usr/share/lxc/templates/lxc-debian
write_sourceslist()
{
local rootfs="$1"; shift
local release="$1"; shift
local arch="$1"; shift
local prefix="deb"
if [ -n "${arch}" ]; then
prefix="deb [arch=${arch}]"
fi
if [ "$mainonly" = 1 ]; then
non_main=''
else
non_main=' contrib non-free'
fi
cat >> "${rootfs}/etc/apt/sources.list" << EOF
${prefix} $MIRROR ${release} main${non_main}
EOF
if [ "$release" != "unstable" -a "$release" != "sid" ]; then
cat >> "${rootfs}/etc/apt/sources.list" << EOF
${prefix} $SECURITY_MIRROR ${release}/updates main${non_main}
EOF
fi
}
--
bye,
pabs
https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
