Re: Linux needs a security audit

2025-09-15 Thread Pierre-Elliott Bécue
Hello, Michael Paoli wrote on 15/09/2025 at 01:20:23+0200: > "extraordinary claims require extraordinary evidence". > Please point to the evidence. > Both Linux and Tor, OpenSource, > and with source/version control and history, etc. > So if they were compromised at any point, or even > unintent

Re: Linux needs a security audit

2025-09-14 Thread Michael Paoli
"extraordinary claims require extraordinary evidence". Please point to the evidence. Both Linux and Tor, OpenSource, and with source/version control and history, etc. So if they were compromised at any point, or even unintentional compromising bugs introduced, one should well be able to point that

Linux needs a security audit

2025-09-03 Thread dreamy2004
attempts. I was careful to ensure that side-channel leaks were unlikely, such as by changing my writing style, using brand-new devices, disabling optional software telemetry, physical security access control to guard my devices, fully updated firmware, software, and Operating systems, security

Re: Security problem with debian12.10.0 (My fault not Debian's)

2025-08-23 Thread Greg Wooledge
> Based on this message, it appears Donald is reporting two issues: 1) He tried to download something from a third-party web site and got an error message. There's really nothing that Debian can do ab

Re: Security problem with debian12.10.0 (My fault not Debian's)

2025-08-23 Thread Thomas Hochstein
Greg Wooledge wrote: > If you assume that we "have not received" your previous messages, then > you must also assume that we don't know what your problem is.

Re: Security problem with debian12.10.0 (My fault not Debian's)

2025-08-22 Thread Greg Wooledge
On Fri, Aug 22, 2025 at 08:47:05 +0100, Donald MacKinnon wrote: > About three months ago I sent an apology for inadvertently mixing > distributions. > I'm assuming that you have not received that apology. > Anyway the security problem remains -  obviously I'm having diffic

Security problem with debian12.10.0 (My fault not Debian's)

2025-08-22 Thread Donald MacKinnon
Hello About three months ago I sent an apology for inadvertently mixing distributions. I'm assuming that you have not received that apology. Anyway the security problem remains - obviously I'm having difficulty using Debian in the usual manner. I can assure you that I haven'

Re: Understanding why http://security.debian.org/debian-security/dists/bookworm-security/updates/updates/updates/updates/updates/updates/updates/ exists

2025-08-20 Thread Andy Smith
Hi, On Wed, Aug 20, 2025 at 06:47:57PM +0100, Yassine Chaouche wrote: > the updates dir seems to be a link to itself: I think it was because there used to be an /updates in the sources URL so the virtual link was put there so that people's configuration wouldn't break. i.e. it's historical. Than

Understanding why http://security.debian.org/debian-security/dists/bookworm-security/updates/updates/updates/updates/updates/updates/updates/ exists

2025-08-20 Thread Yassine Chaouche
-security suffixed (bookworm-security, there's no bookworm directory), but the sections include main, contrib, non-free, and a special "updates" section, like this: $ tree -L 2 -n dist/ dist/ ├── bookworm-security │   ├── contrib │   ├── main │   ├── non-free │   └── updates ├── bu

Re: Security: Be careful with StarDict!

2025-08-15 Thread Vincent Lefevre
On 2025-08-12 18:58:21 +0700, Max Nikulin wrote: > On 08/08/2025 20:29, Vincent Lefevre wrote: > > On 2025-08-07 18:52:47 +0700, Max Nikulin wrote: > > > On 06/08/2025 10:18, Vincent Lefevre wrote: > > > > > > > > Note that passwords can easily be leaked. > > > > > > I see, earlier I even mention

Re: Security: Be careful with StarDict!

2025-08-12 Thread Max Nikulin
On 08/08/2025 20:29, Vincent Lefevre wrote: On 2025-08-07 18:52:47 +0700, Max Nikulin wrote: On 06/08/2025 10:18, Vincent Lefevre wrote: Note that passwords can easily be leaked. I see, earlier I even mentioned protocol that allows clipboard manager to ignore text copied by password managers

Re: Security: Be careful with StarDict!

2025-08-08 Thread Vincent Lefevre
On 2025-08-07 18:52:47 +0700, Max Nikulin wrote: > On 06/08/2025 10:18, Vincent Lefevre wrote: > > On 2025-08-06 09:33:12 +0700, Max Nikulin wrote: > > > I believe, proper tags are neither security+critical not wishlist, but > > > something in between. > > >

Re: Security: Be careful with StarDict!

2025-08-07 Thread Max Nikulin
On 06/08/2025 10:18, Vincent Lefevre wrote: On 2025-08-06 09:33:12 +0700, Max Nikulin wrote: I believe, proper tags are neither security+critical not wishlist, but something in between. Note that passwords can easily be leaked. I see, earlier I even mentioned protocol that allows clipboard

Re: Security: Be careful with StarDict!

2025-08-06 Thread Vincent Lefevre
On 2025-08-06 17:18:00 +0300, Henrik Ahlgren wrote: > Everyone seems to be quite concerned about the notion that the servers > are located in China (which does not appear to be accurate for > dict.youdao.com when accessed from, for instance, Europe). This > perspective sounds overly alarmist and mi

Re: Security: Be careful with StarDict!

2025-08-06 Thread Greg
On 2025-08-06, Henrik Ahlgren wrote: > Maytham Alsudany writes: > >> P.S. I've already seen a post in the Debian subreddit[1] and an >> article[2] about this thread; it should not be getting this much >> notoriety/coverage.. It also amuses me how the comments of a few people >> who happen to be D

Re: Security: Be careful with StarDict!

2025-08-06 Thread Henrik Ahlgren
Maytham Alsudany writes: > P.S. I've already seen a post in the Debian subreddit[1] and an > article[2] about this thread; it should not be getting this much > notoriety/coverage.. It also amuses me how the comments of a few people > who happen to be DDs (e.g. myself, stardict package maintainer)

Re: Security: Be careful with StarDict!

2025-08-06 Thread Vincent Lefevre
On 2025-08-06 07:29:13 -0400, Dan Ritter wrote: > I also note that the Description for stardict does not mention > that it is primarily a client for remote servers. Compare the > Description for "dict": > > Description: dictionary client > This package provides a client application to query a dic

Re: Security: Be careful with StarDict!

2025-08-06 Thread Maytham Alsudany
Hi Max, Vincent, On Wed, 2025-08-06 at 09:33 +0700, Max Nikulin wrote: > Vincent raised a privacy issue specific to StarDict. There are might be > similar bugs (reported or not) in other packages. You may try to find > them in the Debian bug tracker or using general purpose search engines. They

Re: Security: Be careful with StarDict!

2025-08-06 Thread Dan Ritter
Max Nikulin wrote: > I decided to post to debian-user rather than to the bug tracker to discuss > it from more general point of view: whether this kind of features should be > considered as controversial and whether Debian maintainers should disable it > in default configuration overriding upstrea

Re: Security: Be careful with StarDict!

2025-08-05 Thread Vincent Lefevre
On 2025-08-06 09:33:12 +0700, Max Nikulin wrote: > I believe, proper tags are neither security+critical not wishlist, but > something in between. Note that passwords can easily be leaked. (In the old days, I was typing all my passwords, but with current rules that require complex passwords

Re: Security: Be careful with StarDict!

2025-08-05 Thread Vincent Lefevre
On 2025-08-06 09:33:12 +0700, Max Nikulin wrote: > At least some applications show apparent indicator that camera or microphone > is on or that screen capture is active. Applications relaying selected text > to remote server may show similar popup when this mode is active. In my case, there is a p

Re: Security: Be careful with StarDict!

2025-08-05 Thread Max Nikulin
the plugins package is in "Recommends", not in "Depends", so it can be removed. The question is default effect of "apt install stardict". I believe, proper tags are neither security+critical not wishlist, but something in between. At least some applications show appa

Re: Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

2025-08-05 Thread Greg Wooledge
On Tue, Aug 05, 2025 at 08:22:12 -0500, Richard Owlett wrote: > > > I'll use netinst, accepting all defaults. > > > > I thought you used mate? > > I do. But I essentially think of MATE as Gnome done right. > My two questions still apply. > > To be explicit, "Does MATE have any of the vulnerabili

Re: Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

2025-08-05 Thread Greg
On 2025-08-05, Richard Owlett wrote: > On 8/5/25 7:51 AM, Greg wrote: >> On 2025-08-05, Richard Owlett wrote: >>> I've been following this thread, probably without full comprehension. >>> I currently have Debian 12. My practice is to do a default install to a >>> fresh partition when a new releas

Re: Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

2025-08-05 Thread Richard Owlett
On 8/5/25 7:51 AM, Greg wrote: On 2025-08-05, Richard Owlett wrote: I've been following this thread, probably without full comprehension. I currently have Debian 12. My practice is to do a default install to a fresh partition when a new release comes out. I'll use netinst, accepting all defaul

Re: Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

2025-08-05 Thread Greg
On 2025-08-05, Richard Owlett wrote: > I've been following this thread, probably without full comprehension. > I currently have Debian 12. My practice is to do a default install to a > fresh partition when a new release comes out. > > I'll use netinst, accepting all defaults. I thought you used

Any implications for default Trixie intall? - was [Re: Security: Be careful with StarDict!]

2025-08-05 Thread Richard Owlett
I've been following this thread, probably without full comprehension. I currently have Debian 12. My practice is to do a default install to a fresh partition when a new release comes out. I'll use netinst, accepting all defaults. Will I have any of the vulnerabilities mentioned in this thread?

Re: Security: Be careful with StarDict!

2025-08-05 Thread Greg Wooledge
On Tue, Aug 05, 2025 at 09:43:03 +0700, Max Nikulin wrote: > I agree with Vincent that without *explicit* user consent applications > should not send to remote servers what they gathered by listening for > changes of primary selection or clipboard. Even if upstream packages (source > code, flatpak,

Re: Security: Be careful with StarDict!

2025-08-04 Thread Max Nikulin
On 05/08/2025 08:52, Maytham Alsudany wrote: On Mon, 2025-08-04 at 10:21 +0200, Vincent Lefevre wrote: On 2025-08-04 14:40:25 +0800, Maytham Alsudany wrote: Yes, that's a feature: it will lookup your selections in local and online dictionaries, and by default it searches English-Chinese diction

Re: Security: Be careful with StarDict!

2025-08-04 Thread Maytham Alsudany
On Mon, 2025-08-04 at 10:21 +0200, Vincent Lefevre wrote: > On 2025-08-04 14:40:25 +0800, Maytham Alsudany wrote: > > Yes, that's a feature: it will lookup your selections in local and > > online dictionaries, and by default it searches English-Chinese > > dictionaries. You can disable it in the se

Re: Security: Be careful with StarDict!

2025-08-04 Thread Vincent Lefevre
On 2025-08-04 08:43:54 +0200, Klaus Singvogel wrote: > Hi Vincent, > > Vincent Lefevre wrote: > > Be careful with StarDict! By default, when the application is running, > > it sends whatever the user selects (from other applications) to > > Chinese servers! > > Thanks for your warning. > > Do yo

Re: Security: Be careful with StarDict!

2025-08-04 Thread Vincent Lefevre
On 2025-08-04 14:40:25 +0800, Maytham Alsudany wrote: > Yes, that's a feature: it will lookup your selections in local and > online dictionaries, and by default it searches English-Chinese > dictionaries. You can disable it in the settings by enabling "Only scan > while the modifier key is being pr

Re: Security: Be careful with StarDict!

2025-08-04 Thread Klaus Singvogel
Hi Vincent, Vincent Lefevre wrote: > Be careful with StarDict! By default, when the application is running, > it sends whatever the user selects (from other applications) to > Chinese servers! Thanks for your warning. Do you have more details? ▷ Which function in the code? ▷ Which Chinese server

Re: Security: Be careful with StarDict!

2025-08-03 Thread Maytham Alsudany
Yes, that's a feature: it will lookup your selections in local and online dictionaries, and by default it searches English-Chinese dictionaries. You can disable it in the settings by enabling "Only scan while the modifier key is being pressed" under "Scan Selection", or disable the network dictiona

Security: Be careful with StarDict!

2025-08-03 Thread Vincent Lefevre
Be careful with StarDict! By default, when the application is running, it sends whatever the user selects (from other applications) to Chinese servers! -- Vincent Lefèvre - Web: 100% accessible validated (X)HTML - Blog: Work: CR INRIA - co

Re: retry at email Security problem with deian12.10.0

2025-05-30 Thread Richard Owlett
On 5/30/25 6:26 AM, Donald MacKinnon wrote: mail.txt Dear Debian, I am having difficulty in attempting to access your facilities. [SNIP] In *NONE* of your posts to debian-user do you state the _address_ you are attempting to contact.

Re: retry at email Security problem with deian12.10.0

2025-05-30 Thread Alexander V. Makartsev
On 30.05.2025 16:26, Donald MacKinnon wrote: Dear Debian, I am having difficulty in attempting to access your facilities. From Debian's response it would appear a security issue. This is partially confirmed by "Open Printing's" response of "Not Allowed"

retry at email Security problem with deian12.10.0

2025-05-30 Thread Donald MacKinnon
Dear Debian, I am having difficulty in attempting to access your facilities. From Debian's response it would appear a security issue. This is partially confirmed by "Open Printing's" response of "Not Allowed" by a request for the software required for my H

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Steve McIntyre
ra...@siliconet.pl wrote: > >On 29.01.2025 4:16 PM, Roberto C. Sánchez wrote: >> Yes, it still means that. The minizip binary package you are seeing >> comes from a different source package, also called minizip: >> >> https://packages.debian.org/source/bookworm/minizip > >Aha! Got it :-) > >And th

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
On 29.01.2025 4:16 PM, Roberto C. Sánchez wrote: Yes, it still means that. The minizip binary package you are seeing comes from a different source package, also called minizip: https://packages.debian.org/source/bookworm/minizip Aha! Got it :-) And there are no binary components in Debian b

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Roberto C . Sánchez
On Wed, Jan 29, 2025 at 04:15:16PM +0100, Rafał Lichwała wrote: > >But still don't understand "Debian itself does *not* build the affected >component" as I can find "minizip" (and maybe other) package based on that >vulnerable library - see my previous post above as Re- to Hanno. > Yo

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Roberto C . Sánchez
e you are seeing comes from a different source package, also called minizip: https://packages.debian.org/source/bookworm/minizip > > that is what your job is: finding out whether the bug is really > > affecting you and if so, how to mitigate it. > > So, if I use "minizip"

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
On 29.01.2025 3:30 PM, Roberto C. Sánchez wrote: On Wed, Jan 29, 2025 at 03:22:02PM +0100, Rafał Lichwała wrote: On 29.01.2025 2:43 PM, Dan Ritter wrote: CVSS are often bogus. Hmmm... I'm not sure what you mean. All security announcements in DSAs are referring to CVSS, so... w

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
hanks for trying and patience :-) that is what your job is: finding out whether the bug is really affecting you and if so, how to mitigate it. So, if I use "minizip" or any other package based on vulnerable "zlib1g" in bookworm, that may be a security risk, right?

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Roberto C . Sánchez
On Wed, Jan 29, 2025 at 03:22:02PM +0100, Rafał Lichwała wrote: >On 29.01.2025 2:43 PM, Dan Ritter wrote: > > CVSS are often bogus. > > Hmmm... I'm not sure what you mean. All security announcements in DSAs are > referring to CVSS, so... what's the source of

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Roberto C . Sánchez
On Wed, Jan 29, 2025 at 08:43:12AM -0500, Dan Ritter wrote: > > Most recently: https://daniel.haxx.se/blog/2025/01/23/cvss-is-dead-to-us/ I was going to post a link to this very article when I saw that you already had :-) Regards, -Roberto -- Roberto C. Sánchez

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
On 29.01.2025 2:43 PM, Dan Ritter wrote: CVSS are often bogus. Hmmm... I'm not sure what you mean. All security announcements in DSAs are referring to CVSS, so... what's the source of such opinion? Most recently: https://daniel.haxx.se/blog/2025/01/23/cvss-is-dead-to-us/ Yeah, an

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
e just false-alarms because they are already fixed in Debian (as usually, in normal security fixes, backports or whatever) - even if that's not reflected in the package main version number - so I can easily find an information about that on Debian pages. But I can't find it - worse - I

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Dan Ritter
- > vulnerable", so why it has low priority? > > Maybe I just don't understand the process of this "Debian doesn't build the > vulnerable binary component", so please clarify in more details. > > > CVSS are often bogus. > > Hmmm... I'm not sure what

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
On 29.01.2025 1:57 PM, David wrote: How does your "automatically scanned for possible vulnerabilities" actually work? I don't know, but it does not matter in that context. The fact is, that the result of this "magic scan" properly found and points out th

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
se clarify in more details. CVSS are often bogus. Hmmm... I'm not sure what you mean. All security announcements in DSAs are referring to CVSS, so... what's the source of such opinion? Similar problem in second critical on the list: package "libaom3" which is a binary

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread Dan Ritter
ng to this scan > there are 139 security vulnerabilities and 2 of them are CRITICAL (!). > I've started to dig further to find out what's going on there. > > First critical on the list is "zlib1g" binary Debian package which is a part > of (a result) of wider pac

Re: Debian 12 security issue - please help to understand

2025-01-29 Thread David
n discovered that according to this scan > there are 139 security vulnerabilities and 2 of them are CRITICAL (!). How does your "automatically scanned for possible vulnerabilities" actually work? Because Debian does backport security fixes, so simply checking the version number of the sof

Debian 12 security issue - please help to understand

2025-01-29 Thread Rafał Lichwała
Hi, I've prepared some docker image based on Debian 12 (bookworm, fully updated) and after upload it to local registry it has been automatically scanned for possible vulnerabilities. Then I was really surprised when discovered that according to this scan there are 139 security vulnerabil

Re: Wazuh Security Alert

2024-07-22 Thread George at Clug
I guess this is the link as you comments in your post: https://security-tracker.debian.org/tracker/CVE-2023-37920 Name: CVE-2023-37920 Description: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS

Re: Wazuh Security Alert

2024-07-22 Thread Todd Zullinger
Simon Bates wrote: > I recently started using Wazuh to manage the security of my servers and > Linux desktops. > > I have a Debian server that is raising the following alert: > > package.name: python3-certifi > > package.version: 2022.9.24-1 > > vulnerability

Wazuh Security Alert

2024-07-22 Thread Simon Bates
I recently started using Wazuh to manage the security of my servers and Linux desktops. I have a Debian server that is raising the following alert: package.name: python3-certifi package.version: 2022.9.24-1 vulnerability.id: CVE-2023-37920 https://nvd.nist.gov/vuln/detail/CVE-2023-37920

Re: Security Flaw:

2024-07-10 Thread David Christensen
On 7/9/24 23:34, Richard Bostrom wrote: I cannot update my passphrase in crypttab although the passphrase is updated in the OS I cannot enter my OS without using the latest passphrase. Yours sincerely Richardh Bostrom Passphrases in crypttab(5) are for disks, disk partitions, virtual device

Re: Changing the passphrase in crypttab [Was: Security Flaw:]

2024-07-10 Thread Ceppo
On Wed, Jul 10, 2024 at 09:09:06AM GMT, Ceppo wrote: > If this isn't your case, we probably need some more details to be able to > help you. And I forgot the most important question: how did you encrypt your disk? -- Ceppo signature.asc Description: PGP signature

Re: Changing the passphrase in crypttab [Was: Security Flaw:]

2024-07-10 Thread Ceppo
rase. What happens when you enter the old passphrase? And what when you enter the new one? P.S.: you should always choose a meaningful subject for your emails. "Security Flaw" really looks spam and is easily discarded by spam filters, and even if the message were delivered most p

Security Flaw:

2024-07-09 Thread Richard Bostrom
I cannot update my passphrase in crypttab although the passphrase is updated in the OS I cannot enter my OS without using the latest passphrase. Yours sincerely Richardh Bostrom

Re: Security hole in kernel fixed?

2024-05-15 Thread Stanislav Vlasov
Wed, 15 May 2024 at 16:55, Hans : > Dear developers, Users. > in April 2024 the security hole CVE-2023-6546 was discovered in linux-image, > and I believe, it is fixed in kernel 6.1.0 (from debian/stable) as soon after > this a new kernel was released. https://security-tracke

Re: Security hole in kernel fixed?

2024-05-15 Thread The Wanderer
On 2024-05-15 at 03:05, Hans wrote: > Dear developers, As usual, most of us here are not Debian developers, even if some of us may be software developers. > in April 2024 the security hole CVE-2023-6546 was discovered in linux-image, > and I believe, it > is fixed in kernel 6.1.0

Security hole in kernel fixed?

2024-05-15 Thread Hans
Dear developers, in April 2024 the security hole CVE-2023-6546 was discovered in linux-image, and I believe, it is fixed in kernel 6.1.0 (from debian/stable) as soon after this a new kernel was released. However, there is no new kernel 6.5.0-*-bpo released at that time, so my question

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Andy Smith
e been yet tackled by Debian? You can find a reference for advisories here: https://www.debian.org/security/ And you can be fed info by email by subscribing to: https://lists.debian.org/debian-security-announce/ Between those last two links your specific question here is answered but

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Michel Verdier
On 2024-03-30, fxkl4...@protonmail.com wrote: > so is this a threat to us normal debian users > if so how do we fix it Debian stable is not affected, Debian testing, unstable and experimental must be updated. https://lists.debian.org/debian-security-announce/2024/msg00057.html

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread fxkl47BF
key) passed to RSA_public_decrypt, checked > against a simple fingerprint, and decrypted with a fixed ChaCha20 key > before the Ed448 signature verification..." Also see > <https://www.openwall.com/lists/oss-security/2024/03/30/36>. > > On Fri, Mar 29, 2024 at 1:52 PM Jeffrey W

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Jeffrey Walton
ature verification..." Also see <https://www.openwall.com/lists/oss-security/2024/03/30/36>. On Fri, Mar 29, 2024 at 1:52 PM Jeffrey Walton wrote: > > Seems relevant since Debian adopted xz about 10 years ago. > > -- Forwarded message - > From: Andres Fr

Re: Fwd: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-29 Thread Andy Smith
Hello, On Fri, Mar 29, 2024 at 01:52:18PM -0400, Jeffrey Walton wrote: > Seems relevant since Debian adopted xz about 10 years ago. Though we do not know how or why this developer has come to recently put apparent exploits in it, so we can't yet draw much of a conclusion beyond "sometimes people

Re: Fwd: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-29 Thread Roberto C . Sánchez
On Fri, Mar 29, 2024 at 01:52:18PM -0400, Jeffrey Walton wrote: > Seems relevant since Debian adopted xz about 10 years ago. > Also note that this has been addressed in Debian: https://lists.debian.org/debian-security-announce/2024/msg00057.html Provided here for the benefit those who a

Re: seeding /dev/random from a security key

2024-03-26 Thread Jeffrey Walton
On Tue, Mar 26, 2024 at 7:12 PM Björn Persson wrote: > > Jeffrey Walton wrote: > > For what you want to do, and if I am parsing it correctly... I would > > write a daemon in C [...] > > Only in the unlikely case that both RNGD and SCDrand turn out unsuitable > somehow. Writing and compiling a daem

Re: seeding /dev/random from a security key

2024-03-26 Thread Björn Persson
Jeffrey Walton wrote: > For what you want to do, and if I am parsing it correctly... I would > write a daemon in C [...] Only in the unlikely case that both RNGD and SCDrand turn out unsuitable somehow. Writing and compiling a daemon is no less work than compiling an already written daemon. > The

Re: seeding /dev/random from a security key

2024-03-26 Thread Jeffrey Walton
> > Be careful of rng-tools. It does not do a good job for non-mainstream > > generators, like VIA's Padlock Security Engine. And rng-tools did not > > support generators for architectures, like you would find on ARM, > > aarch64 and PowerPC. > > I figure it can b

Re: seeding /dev/random from a security key

2024-03-26 Thread Björn Persson
computer instead of buying a tiny dongle? > Be careful of rng-tools. It does not do a good job for non-mainstream > generators, like VIA's Padlock Security Engine. And rng-tools did not > support generators for architectures, like you would find on ARM, > aarch64 and PowerPC. I

Re: seeding /dev/random from a security key

2024-03-25 Thread Jeffrey Walton
On Mon, Mar 25, 2024 at 4:33 PM Björn Persson wrote: > > In a quest to acquire hardware random number generators for seeding > /dev/random on servers that lack a built-in entropy source, I'm > investigating how random data can be obtained from a security key such > as a Ni

Re: seeding /dev/random from a security key

2024-03-25 Thread Björn Persson
m investigating whether security keys can be used instead. Security keys are available from multiple vendors, but it's hard to find any information about the random number generators inside them. > OneRNG is still in production. I tried to buy one of those a while ago, but I couldn't

Re: seeding /dev/random from a security key

2024-03-25 Thread Greg Wooledge
On Mon, Mar 25, 2024 at 06:09:02PM -0400, e...@gmx.us wrote: > On 3/25/24 17:27, Andy Smith wrote: > > The thread covers how to make rngd feed /dev/random from a OneRNG in > > Debian 12, but it is no longer possible to tell if that does > > anything useful. > > If not from devices like this, from

Re: seeding /dev/random from a security key

2024-03-25 Thread eben
On 3/25/24 17:27, Andy Smith wrote: The thread covers how to make rngd feed /dev/random from a OneRNG in Debian 12, but it is no longer possible to tell if that does anything useful. If not from devices like this, from where does Debian get its randomness? -- For is it not written, wheresoever

Re: seeding /dev/random from a security key

2024-03-25 Thread Andy Smith
Hi, On Mon, Mar 25, 2024 at 09:24:23PM +0100, Björn Persson wrote: > Does anyone know of another way to obtain random data from devices of > this kind? I have some EntropyKeys and some OneRNGs. I have the rngd packaged in Debian feeding /dev/random from them. This had an actual noticeable effect

seeding /dev/random from a security key

2024-03-25 Thread Björn Persson
Hello! In a quest to acquire hardware random number generators for seeding /dev/random on servers that lack a built-in entropy source, I'm investigating how random data can be obtained from a security key such as a Nitrokey, Yubikey or a similar device. RNGD version 6 from https://githu

Re: No Release file for Security Update

2024-01-19 Thread debian-user
Tixy wrote: > On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > > Tixy writes: > > > Where could your machine be getting this IP address from?  It's > > > the same IP address shown in your output when you used the > > > incorrect address 'ftp.security.debian.org' and for me that > > > does

SOLVED Re: No Release file for Security Update SOLVED

2024-01-18 Thread Thomas George
://deb.debian.org/debian/ bookworm-updates main non-free-firmware contrib non-free deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware contrib non-free deb http://security.debian.org/debian-security bookworm-security main non-free-firmware contrib non-free deb-src http

Re: No Release file for Security Update

2024-01-18 Thread Greg Wooledge
On Thu, Jan 18, 2024 at 10:59:48AM -0600, John Hasler wrote: > Host gives me the same result. However, apt says: > > 0% [Connecting to security-debian.org (57.128.81.193)] security-debian.org and security.debian.org are different names.

Re: No Release file for Security Update

2024-01-18 Thread Tixy
for me too. > > > > > > > > I was using the address that George _said_ he used in his email, > > > > obviously he was wrong and just mis-typing emails rather than copy and > > > > pasting in what he was actually using :-( > > > > Of course you're also guilty John ;-) saying 'ftp.security.debian.org' > > resolved, but at least you pasted a command showing what you really > > used :-) And now you can all point out that it was me that was misquoting the address and using a dot where in fact everyone else was using a hyphen in 'debian-security'. I'll now slink away red faced and try and find a hole big enough to crawl into... -- Tixy

Re: No Release file for Security Update

2024-01-18 Thread Tixy
On Thu, 2024-01-18 at 18:16 +, Tixy wrote: > On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > > Tixy writes: > > > Where could your machine be getting this IP address from?  It's the > > > same IP address shown in your output when you used the incorrect > > > address 'ftp.security.debian

Re: No Release file for Security Update

2024-01-18 Thread Tixy
On Thu, 2024-01-18 at 12:06 -0600, John Hasler wrote: > Tixy writes: > > Where could your machine be getting this IP address from?  It's the > > same IP address shown in your output when you used the incorrect > > address 'ftp.security.debian.org' and for me that doesn't resolve to > > any IP addre

Re: No Release file for Security Update

2024-01-18 Thread John Hasler
<- opcode: QUERY, status: NOERROR, id: 2686 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;ftp.security-debian.org. IN A ;; ANSWER SECTION: ftp.security-debian.org. 3296 IN

Re: No Release file for Security Update

2024-01-18 Thread Tixy
On Thu, 2024-01-18 at 10:48 -0500, Thomas George wrote: > On 1/17/24 20:52, Greg Wooledge wrote: > > On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: > > > deb http://ftp.security-debian.org/debian-security/ bookworm-security main > > > non-free non-free

Re: No Release file for Security Update

2024-01-18 Thread John Hasler
Host gives me the same result. However, apt says: 0% [Connecting to security-debian.org (57.128.81.193)] and times out. Using "nameserver 8.8.8.8" changes nothing. -- John Hasler j...@sugarbit.com Elmwood, WI USA

Re: No Release file for Security Update

2024-01-18 Thread John Hasler
Thomas George wrote:
> I typed the above line exactly. apt-get update searches for
> security.debian.org:80 [57.128.81.193] and times out, no connection

Gene writes:
> And that is not the address I get from here

It's the one I get from here, and it times out. My DNS is working.

--
John Hasler

Re: No Release file for Security Update SOLVED

2024-01-18 Thread Thomas George
non-free deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware contrib non-free deb http://security.debian.org/debian-security bookworm-security main non-free-firmware contrib non-free deb-src http://security.debian.org/debian-security bookworm-security main non-free

Re: No Release file for Security Update

2024-01-18 Thread Thomas George
On 1/17/24 22:54, Todd Zullinger wrote: Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to use. https

Re: No Release file for Security Update

2024-01-18 Thread Greg Wooledge
On Thu, Jan 18, 2024 at 10:59:34AM -0500, gene heskett wrote: > And that is not the address I get from here > ping -c1 security.debian.org > PING security.debian.org (151.101.2.132) 56(84) bytes of data. > 64 bytes from 151.101.2.132 (151.101.2.132): icmp_seq=1 ttl=59 time=15.8 ms > > Your dns isn

Re: No Release file for Security Update

2024-01-18 Thread gene heskett
On 1/18/24 10:49, Thomas George wrote: On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to

Re: No Release file for Security Update

2024-01-18 Thread gene heskett
On 1/18/24 10:49, Thomas George wrote: On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to

Re: No Release file for Security Update

2024-01-18 Thread Thomas George
On 1/17/24 20:52, Greg Wooledge wrote: On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: deb http://ftp.security-debian.org/debian-security/ bookworm-security main non-free non-free-firmware Stop guessing, and *read* what you were told to use. https://lists.debian.org/debian

update of bookworm-security failed Formerly Re: No Release file for Security Update

2024-01-18 Thread Thomas George
*keep* non-free-firmware, though. Also, if you don't want to use plain http, you can change this to https. deb http://ftp.debian.org/debian/ bookworm-security  main non-free non-free-firmware This one is incorrect, but someone else already addressed that one. Be sure you actually fo

Re: No Release file for Security Update

2024-01-17 Thread Charles Curley
-firmware > > deb http://ftp.debian.org/debian/ bookworm-updates main non-free > non-free-firmware > > # deb http://ftp.debian.org/debian/ bookworm-backports main non-free > non-free-firmware > > deb http://ftp.debian.org/debian/ bookworm-security  main non-free > non-

Re: No Release file for Security Update

2024-01-17 Thread Todd Zullinger
Greg Wooledge wrote: > On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote: >> deb http://ftp.security-debian.org/debian-security/ bookworm-security main >> non-free non-free-firmware > > Stop guessing, and *read* what you were told to use. > > https://lists.

Re: No Release file for Security Update

2024-01-17 Thread Greg Wooledge
On Wed, Jan 17, 2024 at 08:40:58PM -0500, Thomas George wrote:
> deb http://ftp.security-debian.org/debian-security/ bookworm-security main
> non-free non-free-firmware

Stop guessing, and *read* what you were told to use.

https://lists.debian.org/debian-user/2024/01/msg00778.html
