Re: No Release file for Security Update

Tixy wrote: > On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > > Tixy writes: > > > Where could your machine be getting this IP address from?  It's > > > the same IP address shown in your output when you used the > > > incorrect address 'ftp.security.debian.org' and for me that > > > does

SOLVED Re: No Release file for Security Update SOLVED

  The following sources.list which I copied from wiki.debian.org/SourcesList works perfectly for me deb http://deb.debian.org/debian/ bookworm main non-free-firmware contrib non-free deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware contrib non-free deb http://deb.debian.

Re: No Release file for Security Update

On Thu, Jan 18, 2024 at 10:59:48AM -0600, John Hasler wrote: > Host gives me the same result. However, apt says: > > 0% [Connecting to security-debian.org (57.128.81.193)] security-debian.org and security.debian.org are different names.

Re: No Release file for Security Update

On Thu, 2024-01-18 at 18:51 +, Tixy wrote: > > On Thu, 2024-01-18 at 18:16 +, Tixy wrote: > > > > On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > > > > > > Tixy writes: > > > > > > > > Where could your machine be getting this IP address from?  It's > > > > > > > > the > > > > > > >

Re: No Release file for Security Update

On Thu, 2024-01-18 at 18:16 +, Tixy wrote: > On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > > Tixy writes: > > > Where could your machine be getting this IP address from?  It's the > > > same IP address shown in your output when you used the incorrect > > > address 'ftp.security.debian

Re: No Release file for Security Update

On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > Tixy writes: > > Where could your machine be getting this IP address from?  It's the > > same IP address shown in your output when you used the incorrect > > address 'ftp.security.debian.org' and for me that doesn't resolve to > > any IP addre

Re: No Release file for Security Update

Tixy writes: > Where could your machine be getting this IP address from? It's the > same IP address shown in your output when you used the incorrect > address 'ftp.security.debian.org' and for me that doesn't resolve to > any IP address. >From here both security.debian.org and ftp.security.debian

Re: No Release file for Security Update

On Thu, 2024-01-18 at 10:48 -0500, Thomas George wrote: > On 1/17/24 20:52, Greg Wooledge wrote: > > On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: > > > deb http://ftp.security-debian.org/debian-security/ bookworm-security main > > > non-free non-free-firmware > > Stop guessing, an

Re: No Release file for Security Update

Host gives me the same result. However, apt says: 0% [Connecting to security-debian.org (57.128.81.193)] and times out. Using "nameserver 8.8.8.8" changes nothing. -- John Hasler j...@sugarbit.com Elmwood, WI USA

Re: No Release file for Security Update

Thomas George wrote: > I typed the above line exactly. apt-get update searches for > security.debian.org:80 [57.128.81.193] and times out, no connection Gene writes: > And that is not the address I get from here It's the one I get from here, and it times out. My DNS is working. -- John Hasler

Re: No Release file for Security Update SOLVED

  New sources.list file works perfectly deb http://deb.debian.org/debian/ bookworm main non-free-firmware contrib non-free deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware contrib non-free deb http://deb.debian.org/debian/ bookworm-updates main non-free-firmware contrib

Re: No Release file for Security Update

On 1/17/24 22:54, Todd Zullinger wrote: Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to use. https://list

Re: No Release file for Security Update

On Thu, Jan 18, 2024 at 10:59:34AM -0500, gene heskett wrote: > And that is not the address I get from here > ping -c1 security.debian.org > PING security.debian.org (151.101.2.132) 56(84) bytes of data. > 64 bytes from 151.101.2.132 (151.101.2.132): icmp_seq=1 ttl=59 time=15.8 ms > > Your dns isn

Re: No Release file for Security Update

On 1/18/24 10:49, Thomas George wrote: On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to u

Re: No Release file for Security Update

On 1/18/24 10:49, Thomas George wrote: On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to u

Re: No Release file for Security Update

On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to use. https://lists.debian.org/debian-use

update of bookworm-security failed Formerly Re: No Release file for Security Update

On 1/17/24 20:40, Thomas George wrote: On 1/17/24 19:05, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 11:31:52AM -0500, Thomas George wrote: # deb cdrom:[Debian GNU/Linux 12.2.0 _Bookworm_ - Official amd64 DVD Binary-1 with firmware 20231007-10:29]/ bookworm main non-free-firmware This one,

Re: No Release file for Security Update

On Wed, 17 Jan 2024 11:31:52 -0500 Thomas George wrote: > # deb cdrom:[Debian GNU/Linux 12.2.0 _Bookworm_ - Official amd64 DVD > Binary-1 with firmware 20231007-10:29]/ bookworm main > non-free-firmware > > deb http://ftp.debian.org/debian/ bookworm main non-free > non-free-firmware > > deb ht

Re: No Release file for Security Update

Greg Wooledge wrote: > On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: >> deb http://ftp.security-debian.org/debian-security/ bookworm-security main >> non-free non-free-firmware > > Stop guessing, and *read* what you were told to use. > > https://lists.debian.org/debian-user/2024/

Re: No Release file for Security Update

On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: > deb http://ftp.security-debian.org/debian-security/ bookworm-security main > non-free non-free-firmware Stop guessing, and *read* what you were told to use. https://lists.debian.org/debian-user/2024/01/msg00778.html Your source

Re: No Release file for Security Update

On 1/17/24 19:05, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 11:31:52AM -0500, Thomas George wrote: # deb cdrom:[Debian GNU/Linux 12.2.0 _Bookworm_ - Official amd64 DVD Binary-1 with firmware 20231007-10:29]/ bookworm main non-free-firmware This one, before you commented it out, only contai

Re: No Release file for Security Update

On Wed, Jan 17, 2024 at 11:31:52AM -0500, Thomas George wrote: > # deb cdrom:[Debian GNU/Linux 12.2.0 _Bookworm_ - Official amd64 DVD > Binary-1 with firmware 20231007-10:29]/ bookworm main non-free-firmware This one, before you commented it out, only contained non-free-firmware and *not* non-free

Re: No Release file for Security Update

On 1/17/24 16:13, Tom Furie wrote: Thomas George writes: deb http://ftp.debian.org/debian/ bookworm-security  main non-free non-free-firmware Err:5 http://ftp.debian.org/debian bookworm-security Release   404  Not Found [IP: 151.101. I entered you suggested line as http://security.debian

Re: No Release file for Security Update

Thomas George writes: > deb http://ftp.debian.org/debian/ bookworm-security  main non-free > non-free-firmware > Err:5 http://ftp.debian.org/debian bookworm-security Release >   404  Not Found [IP: 151.101. Your source is incorrect. The security repo is at "http://security.debian.org/debian-secu

Re: No Release file for Security Update

# deb cdrom:[Debian GNU/Linux 12.2.0 _Bookworm_ - Official amd64 DVD Binary-1 with firmware 20231007-10:29]/ bookworm main non-free-firmware deb http://ftp.debian.org/debian/ bookworm main non-free non-free-firmware deb http://ftp.debian.org/debian/ bookworm-updates main non-free non-free-firm

Re: No Release file for Security Update

On Tue, Jan 16, 2024 at 05:48:27PM +0100, Marco Moock wrote: > Am 16.01.2024 um 11:30:09 Uhr schrieb Thomas George: > > > The result was  bookworm InRelease, bookworm-updates InRelease, > > bookworm-secutity Relesse 404 Not Found [IP: 146.75.30.132 80] > ^ > > There seems to be a ty

Re: No Release file for Security Update

Am 16.01.2024 um 11:30:09 Uhr schrieb Thomas George: > The result was  bookworm InRelease, bookworm-updates InRelease, > bookworm-secutity Relesse 404 Not Found [IP: 146.75.30.132 80] ^ There seems to be a typo!

Re: No Release file for Security Update

On Tue, Jan 16, 2024 at 11:30:09AM -0500, Thomas George wrote: > I commented out the dvd and added to sources.list lines for bookworm, > bookworm-updates and bookworm-security. What lines did you add? > Ran apt-get update > > The result was  bookworm InRelease, bookworm-updates InRelease, > book

No Release file for Security Update

My system is Bookworm installed from the first DVD which was downloaded with the checksums and successfully checked. I commented out the dvd and added to sources.list lines for bookworm, bookworm-updates and bookworm-security. Ran apt-get update The result was  bookworm InRelease, bookworm-u

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

On Wed 02 Nov 2022 at 13:53:24 (-0400), Greg Wooledge wrote: > On Wed, Nov 02, 2022 at 12:45:57PM -0500, Nicholas Geovanis wrote: > > > > On 2022-11-02 03:40, Anssi Saari wrote: > > > >> Looks like a linux-5.10 source package was indeed added to Buster in > > > >> August and as you noted, it's gett

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

On Wed, Nov 02, 2022 at 12:45:57PM -0500, Nicholas Geovanis wrote: > > > On 2022-11-02 03:40, Anssi Saari wrote: > > >> Looks like a linux-5.10 source package was indeed added to Buster in > > >> August and as you noted, it's getting security updates too. > I'm just curious if this is the first ti

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

On Wed, Nov 2, 2022, 9:35 AM Anssi Saari wrote: > John Boxall writes: > > > On 2022-11-02 03:40, Anssi Saari wrote: > >> Looks like a linux-5.10 source package was indeed added to Buster in > >> August and as you noted, it's getting security updates too. There's some > >> info on the what and wh

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

John Boxall writes: > On 2022-11-02 03:40, Anssi Saari wrote: >> Looks like a linux-5.10 source package was indeed added to Buster in >> August and as you noted, it's getting security updates too. There's some >> info on the what and when at https://tracker.debian.org/pkg/linux-5.10 >> but I don'

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

On 2022-11-02 03:40, Anssi Saari wrote: Looks like a linux-5.10 source package was indeed added to Buster in August and as you noted, it's getting security updates too. There's some info on the what and when at https://tracker.debian.org/pkg/linux-5.10 but I don't know the why. Here is the in

Re: [SECURITY] [DLA 3173-1] linux-5.10 security update

Anssi Saari composed on 2022-11-02 09:40 (UTC+0200): > John Boxall wrote: >> Did I miss something in the last three years? When did buster go to a >> 5.10 kernel? My buster system is still on kernel 4.19. > Looks like a linux-5.10 source package was indeed added to Buster in > August and as you

Re: Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

John Boxall writes: > Did I miss something in the last three years? When did buster go to a > 5.10 kernel? My buster system is still on kernel 4.19. Looks like a linux-5.10 source package was indeed added to Buster in August and as you noted, it's getting security updates too. There's some info

Fwd: [SECURITY] [DLA 3173-1] linux-5.10 security update

Did I miss something in the last three years? When did buster go to a 5.10 kernel? My buster system is still on kernel 4.19. Forwarded Message Subject: [SECURITY] [DLA 3173-1] linux-5.10 security update Resent-Date: Tue, 1 Nov 2022 20:58:06 + (UTC) Resent-From: debian

Re: preseed d-i disable security update

On 2022-05-12 20:07+0200, john doe wrote: On 5/11/2022 1:51 PM, Tim Ye wrote: I would ask this question on the 'debian-boot' mailing list. Thank you I'll mail 'debian-boot'.

Re: preseed d-i disable security update

On 5/11/2022 1:51 PM, Tim Ye wrote: Hi, I'm trying to disable security update in a preseed based install, in the preseed file I put:     base-config apt-setup/security-updates boolean false on the 2nd line.  But it doesn't seem to work, security update is still performed during in

preseed d-i disable security update

Hi, I'm trying to disable security update in a preseed based install, in the preseed file I put: base-config apt-setup/security-updates boolean false on the 2nd line. But it doesn't seem to work, security update is still performed during installation. Is this option obsolet

Re: Debian DSA-5095-1 : linux - security update

>"apt-get upgrade” doesn’t upgrade the linux-headers to the latest >fixed version You need “apt-get upgrade --with-new-pkgs” at the very least to keep a stable system up-to-date. I use “apt-get --purge dist-upgrade” myself while keeping an eye on what packages apt wants to remove with that. bye,

Re: Debian DSA-5095-1 : linux - security update

On 3/17/22, Peter Wienemann wrote: > > You can check its status using > > dpkg -l linux-headers-amd64 That has interesting feedback. I've been using the following for a slightly different trek toward a similar end (includes what mine says right now): $ apt-cache policy linux-headers-amd64 linux

Re: Debian DSA-5095-1 : linux - security update

Hi Sona, On 17.03.22 15:02, Sona Das wrote: But whenever I tried to upgrade my linux-header it still remains on linux-headers-5.10.0-10 version, it doesn’t gets upgraded to the latest one. have you verified that the metapackage linux-headers-amd64 is installed on your system - as suggested by

Re: Debian DSA-5095-1 : linux - security update

rade" (or simply "apt-get dist-upgrade" if you prefer that) in order to download new packages that are dependencies of existing packages. If you only use "apt-get upgrade", you will never bring in any new kernels or kernel headers, because each ABI bump creates a whole new

Re: Debian DSA-5095-1 : linux - security update

ers >> Debian DSA-5095-1 : linux - security update >> >> Debian DSA-4994-1 : bind9 - security update >> >> We tried to upgrade our Debian systems using the Debian repo but the >> affected packages didn’t received the package upgrade which takes care of

Re: Debian DSA-5095-1 : linux - security update

On Wed, 2022-03-16 at 23:46 +0530, Sona Das wrote: > Hi Team, > > We are having High level threat in our Debian systems detected by our > vulnerability scanners > Debian DSA-5095-1 : linux - security update > > Debian DSA-4994-1 : bind9 - security update > > We

Re: Debian DSA-5095-1 : linux - security update

On Wed, Mar 16, 2022 at 11:46:02PM +0530, Sona Das wrote: > Hi Team, > > We are having High level threat in our Debian systems detected by our > vulnerability scanners > Debian DSA-5095-1 : linux - security update > > Debian DSA-4994-1 : bind9 - security update > &

Re: Debian DSA-5095-1 : linux - security update

On 16/03/2022 18:16, Sona Das wrote: Hi Team, We are having High level threat in our Debian systems detected by our vulnerability scanners Debian DSA-5095-1 : linux - security update Debian DSA-4994-1 : bind9 - security update We tried to upgrade our Debian systems using

Debian DSA-5095-1 : linux - security update

Hi Team, We are having High level threat in our Debian systems detected by our vulnerability scanners Debian DSA-5095-1 : linux - security update Debian DSA-4994-1 : bind9 - security update We tried to upgrade our Debian systems using the Debian repo but the affected packages didn’t received

Re: kernel sources for Debian 10.6 security update kernel 4.19.0-12-amd64

On Thu, Mar 25, 2021 at 07:52:20AM +, Eerapu, Nipuna Sri wrote: > Hi Team, > > I am trying to download kernel sources for kernel 4.19.0-12-amd64 and getting > below error. > > As part of my project, I want to compile drivers for this kernel version. > > root@linux-ndeb106:/usr/src# uname -r

kernel sources for Debian 10.6 security update kernel 4.19.0-12-amd64

Hi Team, I am trying to download kernel sources for kernel 4.19.0-12-amd64 and getting below error. As part of my project, I want to compile drivers for this kernel version. root@linux-ndeb106:/usr/src# uname -r 4.19.0-12-amd64 root@linux-ndeb106:/usr/src# apt-get install linux-headers-$(uname

Re: it's very foolish to force user to install security update

gt; > file size is 34.1M, it may take more than 2 hours > > > jessie installer has just downloaded kernel from a mirror i choose, it's > > > fast, but security.debian.org is slow > > > early debian installer allow user to choose whether to install securit

Re: it's very foolish to force user to install security update

security.debian.org is slow > early debian installer allow user to choose whether to install security update > i hope debian developer can read this message Two things. 1. You can choose whether you want security updates at install time. (There may be a default value unless you use exper

Re: (finished)Re: how to prevent security update installation during stretch installation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 08/04/2018 07:39 PM, David Christensen wrote: > I do keep optical drives in the older machines because their BIOS can be > incompatible with bootable USB flash drives. these machines need to be trashed, they are generaly not so efficient regardi

Re: (finished)Re: how to prevent security update installation during stretch installation

y answer to my question i may have to put up with security update It is best to keep your systems up-to-date with respect to security patches. hopefully this time debian 9.5 will not cause trouble (debian 9.4 with security update has problem) i'm not interested in spending any more energy

Re: how to prevent security update installation during stretch installation

On 08/01/2018 01:00 AM, Long Wind wrote: i don't like security update because i suspect it cause problem (some packaged can't be installed) during stretch installation last time I suggest that you obtain the debian-9.5.0-amd64-xfce-CD-1.iso image (via jigdo), burn it to CD/USB,

Re: how to prevent security update installation during stretch installation

On 8/1/18 1:00 AM, Long Wind wrote: > i don't like security update because i suspect it cause problem (some > packaged can't be installed) during stretch installation last time > > and i've used linux for a long time and i think it's stable even without > sec

Re: how to prevent security update installation during stretch installation

David Christensen wrote: > Why not? I guess because he's in China and internet costs relatively much there.

Re: how to prevent security update installation during stretch installation

On Tue, Jul 31, 2018 at 06:05:04PM -0700, David Christensen wrote: > On 07/31/2018 05:42 PM, Roberto C. Sánchez wrote: > > On Tue, Jul 31, 2018 at 05:36:41PM -0700, David Christensen wrote: > > > > > > One possibility is to configure your Internet gateway to block traffic > > > between the host a

Re: how to prevent security update installation during stretch installation

On 07/31/2018 05:42 PM, Roberto C. Sánchez wrote: On Tue, Jul 31, 2018 at 05:36:41PM -0700, David Christensen wrote: One possibility is to configure your Internet gateway to block traffic between the host and the Internet, and then install from CD-1, DVD-*, BD-*, etc., media. An easier appro

Re: how to prevent security update installation during stretch installation

On Tue, Jul 31, 2018 at 05:36:41PM -0700, David Christensen wrote: > > One possibility is to configure your Internet gateway to block traffic > between the host and the Internet, and then install from CD-1, DVD-*, BD-*, > etc., media. > An easier approach would be that when the installer asks "W

Re: how to prevent security update installation during stretch installation

On 07/31/2018 02:56 PM, Long Wind wrote: i plan to install debian by network Okay. i don't like security update, Why not? how to do it? Thanks! One possibility is to configure your Internet gateway to block traffic between the host and the Internet, and then install from CD-1

Re: firefox-esr security update for Jessie?

On Wed, Jun 27, 2018 at 06:37:51PM -0400, Ed Jabbour wrote: >I see that firefox-esr has a security update. It is only for Stretch. What >are we Jessie users to do? A member of the LTS team is working on it. Regards, -Roberto -- Roberto C. Sánchez

firefox-esr security update for Jessie?

I see that firefox-esr has a security update. It is only for Stretch. What are we Jessie users to do?

Re: Asterisk security update

Hi there On 04/10/17 20:10, Don Armstrong wrote: On Wed, 04 Oct 2017, Rob van der Putten wrote: The Asterisk security update seems to exclude amd64; I can't find a 13.14.1~dfsg-2+deb9u2_amd64.deb in pool. It's in stable-new: % rmadison asterisk|grep 9u2 asterisk | 1:13.1

Re: Asterisk security update

On Wed, 04 Oct 2017, Rob van der Putten wrote: > The Asterisk security update seems to exclude amd64; I can't find a > 13.14.1~dfsg-2+deb9u2_amd64.deb in pool. It's in stable-new: % rmadison asterisk|grep 9u2 asterisk | 1:13.14.1~dfsg-2+deb9u2 | stable-new | sourc

Re: Asterisk security update

On Wed, Oct 04, 2017 at 06:19:04PM +0200, Rob van der Putten wrote: > Hi there > > > On 04/10/17 17:33, Roberto C. Sánchez wrote: > > >On Wed, Oct 04, 2017 at 05:24:21PM +0200, Rob van der Putten wrote: > >> > >>The Asterisk security update seems to ex

Re: Asterisk security update

Hi there On 04/10/17 17:33, Roberto C. Sánchez wrote: On Wed, Oct 04, 2017 at 05:24:21PM +0200, Rob van der Putten wrote: The Asterisk security update seems to exclude amd64; I can't find a 13.14.1~dfsg-2+deb9u2_amd64.deb in pool. That is quite strange. There have been reports of up

Re: Asterisk security update

On Wed, Oct 04, 2017 at 05:24:21PM +0200, Rob van der Putten wrote: > Hi there > > > The Asterisk security update seems to exclude amd64; I can't find a > 13.14.1~dfsg-2+deb9u2_amd64.deb in pool. > > > Regards, > Rob > That is quite strange. There have b

Asterisk security update

Hi there The Asterisk security update seems to exclude amd64; I can't find a 13.14.1~dfsg-2+deb9u2_amd64.deb in pool. Regards, Rob

Re: apache2 security update

On Mon, 27 Feb 2017, Dr. John A. Zoidberg MD wrote: This post concerns: Debian Security Advisory DSA-3796-1 (appended below) The package involved is apache2. I have two "live" internet webservers, one an uptodate jessie, the other a long-maintained wheezy. The jessie machine upgraded easily t

Re: apache2 security update

On Mon, 27 Feb 2017, Dan Ritter wrote: No, the version in wheezy is probably also affected. However, wheezy is now supported by the Long Term Support project, and you need to make changes to get those packages. https://wiki.debian.org/LTS/Using THANK YOU! I'm trying desperately to get out

Re: apache2 security update

On Mon, Feb 27, 2017 at 12:48:46PM -0500, Dr. John A. Zoidberg MD wrote: > This post concerns: > > Debian Security Advisory DSA-3796-1 (appended below) > > The package involved is apache2. > > I have two "live" internet webservers, one an uptodate jessie, the other a > long-maintained wheezy. Th

apache2 security update

pplied for apache2 running in wheezy? Thanks -- John A. Zoidberg MD Amphibian and Marine Parasitology and Infectious Diseases Here is the advisory: From: Sebastien Delafond To: debian-security-annou...@lists.debian.org Subject: [SECURITY] [DSA 3796-1] apache2 security update Date: Sun, 26 Feb 201

Re: Can't install security update: server name not resolved

On Fri, 21 Oct 2016 07:35:28 -0400 Carl Fink wrote: > Anyone else seeing this? > > E: Failed to fetch > http://security.debian.org/pool/updates/main/l/linux/linux-headers-3.16.0-4-amd64_3.16.36-1+deb8u2_amd64.deb > Could not resolve 'security-cdn.debian.org > It was apparently temporary. Worked

Re: Can't install security update: server name not resolved

On 10/21/2016 02:36 PM, Morten Bergman wrote: I was seeing that too. Tried again, this time through a VPN, and it worked. It was apparently temporary. Worked when I got home from, well, work. Thanks. -- Carl Fink c...@finknetwork.com

Re: Can't install security update: server name not resolved

I was seeing that too. Tried again, this time through a VPN, and it worked. Morten

Can't install security update: server name not resolved

Anyone else seeing this? E: Failed to fetch http://security.debian.org/pool/updates/main/l/linux/linux-headers-3.16.0-4-amd64_3.16.36-1+deb8u2_amd64.deb Could not resolve 'security-cdn.debian.org Any suggestions? -- Carl Fink nitpick...@nitpicking.com Read my blog

OpenSSH security update? was Re: Issues with SSH pubkey authentication at remote server

Hi, [UPDATE] Stephan Beck: > Hi Mark, > > Mark Fletcher: >> On Mon, Sep 26, 2016 at 02:52:00PM +, Stephan Beck wrote: >>> Hi Lisi, >> >>> If you look at the second line of the terminal output I reproduced, you >>> find that the openssl component in use within the package openssh Debian >>> Je

Call for testing: regression update for samba security update (DSA-3548-1)

Hi The last Samba security update issued as DSA-3548-1 introduced several upstream regressions, which are addressed in this update. Before we release the packages we would like to call for additional testing. The packages can be found on https://people.debian.org/~carnil/tmp/samba/jessie

Re: Call for testing: upcoming samba security update

On Sat, 16 Apr 2016 05:34:02 + (UTC), Virgo Pärna wrote: > > I'll have to find time to try update again with changes that > were suggested (server services part and winbind package). Then I could > be certain that this was the reason, why sama would no longer start up. > And I

Re: Call for testing: upcoming samba security update

[please don't top post] On Thu, Apr 14, 2016 at 06:25:01PM +0100, Birgit Berger (UV Wien) wrote: > is it better to wait to update samba 4.1.17 to 4.2.10 on jessie? There aren't any new packages in the stable release, or has this changed for some reason? -- The media's the most powerful entity

Re: Call for testing: upcoming samba security update

On Thu, 14 Apr 2016 18:26:43 +0100, oeh univie edv lists wrote: > > [-- Type: text/plain, Encoding: quoted-printable --] > > This doesn't sound very reassuring. Is it better to wait to update samba > 4.1.17 to 4.2.10 on jessie? > I'll have to find time to try update again with changes th

Re: Call for testing: upcoming samba security update

is it better to wait to update samba 4.1.17 to 4.2.10 on jessie? How do I revert to previous version if the update fails? Are there any instructions how to that? KR birgit Virgo Pärna schreibt: >On Thu, 14 Apr 2016 10:02:22 +0100, Chris Boot > wrote: >> >> When running a Samba 4 DC, the shift

Re: Call for testing: upcoming samba security update

This doesn't sound very reassuring. Is it better to wait to update samba 4.1.17 to 4.2.10 on jessie? How do I revert to previous version 4.1.17 if the update fails? Are there any instructions how do that? KR birgit Virgo Pärna schreibt: >On Thu, 14 Apr 2016 10:02:22 +0100, Chris Boot > wrote: >

Re: Call for testing: upcoming samba security update

On Thu, 14 Apr 2016 10:02:22 +0100, Chris Boot wrote: > > When running a Samba 4 DC, the shift from 4.1 to 4.2 brings some major > changes with it and people's smb.conf will need changing. The "server > services" line needs "winbind" replacing with "winbindd", and the user > must ensure the winbi

Re: Call for testing: upcoming samba security update

On 14/04/16 10:02, Chris Boot wrote: > Firstly: > >> Finally, two important configuration options should be considered, >> that we were unable to silently change defaults for: >> - smb signing = required >> - ntlm auth = no >> >> Without smb signing = required, Man in the Middl

Re: Call for testing: upcoming samba security update

On 12/04/16 21:27, Salvatore Bonaccorso wrote: > Hi > > The upcoming Samba update is bigger than usual since for Jessie an > update is needed to 4.2. We want to expose the package a bit more for > additional testing. Please test the packages found on [snip] Hi folks, So I missed the testing win

Call for testing: upcoming samba security update

Hi The upcoming Samba update is bigger than usual since for Jessie an update is needed to 4.2. We want to expose the package a bit more for additional testing. Please test the packages found on https://people.debian.org/~carnil/tmp/samba/ (no apt repository available for these test packa

ANNOUNCEMENT: AMD processor microcode security update

THIS ANNOUNCEMENT IS ONLY RELEVANT TO SYSTEMS THAT HAVE AMD PILEDRIVER MICROPROCESSORS (AMD-FX, and AMD Opteron 3300 / 4300 / 6300). AMD has released a microcode update that fixes a severe fault (also known as "erratum") on AMD Piledriver processors. This erratum can cause dangerous system instab

Re: Why no security update of apache2 concerning SSLv3?

On 2015-03-20 12:13:12 -0400, Gene Heskett wrote: > On Friday 20 March 2015 08:45:13 Vincent Lefevre wrote: > > No, it is not commented out. ./etc/apache2/mods-available/ssl.conf > > in apache2.2-common_2.2.22-13+deb7u4_amd64.deb contains: ^^ > > > >

Re: Why no security update of apache2 concerning SSLv3?

On Saturday 21 March 2015 20:28:50 Bob Proulx wrote: > Gene Heskett wrote: [...] > > > It is in the /etc/apache2/envvars file. > > > > Ahh, lemme check. BRB. Humm, its not in that file, so > > > > > $ grep APACHE_RUN_DIR /etc/apache2/envvars > > > export APACHE_RUN_DIR=/var/run/apache2$SUFFIX

Re: Why no security update of apache2 concerning SSLv3?

Gene Heskett wrote: > > Are you running FastCGI with your Apache instead of the internal > > Apache handler? (Which is fine.) Check the configuration for it. > > Something might be snafu there setting the communication socket. > > I think I am, but its been years since I last messed with that.

Re: Why no security update of apache2 concerning SSLv3?

On Saturday 21 March 2015 19:25:53 Bob Proulx wrote: > Gene Heskett wrote: > > Bob Proulx wrote: > > > $ grep SSLCipherSuite /etc/apache2/mods-available/ssl.conf > > > SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 > > > > This is not valid for a 2.22 install > > What is the error you are seeing? That loo

Re: Why no security update of apache2 concerning SSLv3?

Gene Heskett wrote: > Bob Proulx wrote: > > $ grep SSLCipherSuite /etc/apache2/mods-available/ssl.conf > > SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 > > This is not valid for a 2.22 install What is the error you are seeing? That looks to be okay to me. rwp@havoc:~$ cat /etc/debian_version 7.8

Re: Why no security update of apache2 concerning SSLv3?

Gene Heskett wrote: > I have been considering switching to https. On the one hand it would be good ever all traffic used https. On the other hand it won't prevent someone from knowing what sites you visit or what visiters are visiting your site. All of your pages are publicly known anyway. Good

Re: Why no security update of apache2 concerning SSLv3?

On Saturday 21 March 2015 17:04:03 Bob Proulx wrote: > Gene Heskett wrote: > > Call me confused. And I do run my own web page from this machine. > > URL in sig. > > Genes Web page > > That is a non-https page. Do you operate any https pages requiring > secu

Re: Why no security update of apache2 concerning SSLv3?

On Saturday 21 March 2015 16:37:59 Bob Proulx wrote: > Vincent Lefevre wrote: > > Bob Proulx wrote: > > > Vincent Lefevre wrote: > > > > Bob Proulx wrote: > > > > > The Debian default Apache2 configuration for ssl is in > > > > > local-ssl and it configures the self-signed so called > > > > > "snak

Re: Why no security update of apache2 concerning SSLv3?

Gene Heskett wrote: > Call me confused. And I do run my own web page from this machine. URL > in sig. > Genes Web page That is a non-https page. Do you operate any https pages requiring security? I didn't find any. If you aren't using https then the discu

Re: Why no security update of apache2 concerning SSLv3?

Vincent Lefevre wrote: > Bob Proulx wrote: > > Vincent Lefevre wrote: > > > Bob Proulx wrote: > > > > The Debian default Apache2 configuration for ssl is in local-ssl and > > > > it configures the self-signed so called "snakeoil" certificates. >... > > The /etc/apache2/mods-available/ssl.conf does

  1   2   3   4   >