The Debian Project · Jul 7, 2019 · 3:52 PM UTC

The Debian Project

@debian

7 Jul 2019

If you use apt-get to upgrade to buster, you won't be asked about the security repository info changed from 'testing' to 'stable'. Use the --allow-releaseinfo-change option, as Eriberto Mota explains here: or use apt instead dlvr.it/R7ysNd

119

Victor Csiky 💦 · Jul 7, 2019 · 3:58 PM UTC

Victor Csiky 💦 @nanotek911

7 Jul 2019

Also, WHY ON EARTH don't you provide SSL #TLS #HTTPS for security.debian.org ? This way it currently is, hijacking cannot really be prevented.

Imran Hussain · Jul 7, 2019 · 5:47 PM UTC

Imran Hussain · Jul 7, 2019 · 5:47 PM UTC

Imran Hussain @imranh2

7 Jul 2019

Replying to @nanotek911 @debian

The way the mirrors work mean all the mirrors running behind it would need a trusted certificate for security.debian.org However, do try deb.debian.org as that works differently, "deb deb.debian.org/debian-securi… stable/updates main contrib non-free"

Jul 7, 2019 · 5:47 PM UTC

Imran Hussain · Jul 7, 2019 · 5:50 PM UTC

Imran Hussain @imranh2

7 Jul 2019

Replying to @imranh2 @nanotek911 @debian

Twitter mangled my tweet, look at cdn-aws.deb.debian.org/debia… and stick a 's' in the right place!

more replies

MightyPirate™ 🥦 · Jul 10, 2019 · 4:40 PM UTC

MightyPirate™ 🥦 @iThreepwood

10 Jul 2019

Replying to @imranh2 @nanotek911 @debian

And for testing it appears to be testing-security/updates instead of testing/updates now. Same if you're using the release name: bullseye-security/updates Took me 10 minutes to find out.