On Tue, Nov 22, 2005 at 10:40:36PM +0000, Jules Bean wrote: > I don't understand how this came to be because he is sure that he > installed from an official CD, and he knows he has not manually > installed any packages.
> Could it be that some CDs were produced with some security updates > applied but with a wrong sources.list? Is there a good reason why > security.debian.org is not in the default sources.list? I seem to recall that security.debian.org is one of the things that the installer offers to add to your sources.list, defaulting to enabled. I also seem to recall that as part of the installation process the installer will refresh apt sources and fire up aptitude to update from them (when it installs additional packages from tasks and things). It may be that network sources (like security) are only offered when the installer has a network connection, I don't know. In any case, this sounds like an issue that the CD and installer people would be more equipped to deal with... -- "You grabbed my hand and we fell into it, like a daydream - or a fever."
signature.asc
Description: Digital signature
