The Debian Project · Jul 7, 2019 · 3:52 PM UTC

The Debian Project

@debian

7 Jul 2019

If you use apt-get to upgrade to buster, you won't be asked about the security repository info changed from 'testing' to 'stable'. Use the --allow-releaseinfo-change option, as Eriberto Mota explains here: or use apt instead dlvr.it/R7ysNd

119

Victor Csiky 💦 · Jul 7, 2019 · 3:58 PM UTC

Victor Csiky 💦 @nanotek911

7 Jul 2019

Also, WHY ON EARTH don't you provide SSL #TLS #HTTPS for security.debian.org ? This way it currently is, hijacking cannot really be prevented.

Imran Hussain · Jul 7, 2019 · 5:47 PM UTC

Imran Hussain @imranh2

7 Jul 2019

The way the mirrors work mean all the mirrors running behind it would need a trusted certificate for security.debian.org However, do try deb.debian.org as that works differently, "deb deb.debian.org/debian-securi… stable/updates main contrib non-free"

Imran Hussain · Jul 7, 2019 · 5:50 PM UTC

Imran Hussain · Jul 7, 2019 · 5:50 PM UTC

Imran Hussain @imranh2

7 Jul 2019

Replying to @imranh2 @nanotek911 @debian

Twitter mangled my tweet, look at cdn-aws.deb.debian.org/debia… and stick a 's' in the right place!

Jul 7, 2019 · 5:50 PM UTC

Victor Csiky 💦 · Jul 8, 2019 · 9:13 PM UTC

Victor Csiky 💦 @nanotek911

8 Jul 2019

Replying to @imranh2 @debian

Shhh, that's what I do :P I did the same with the fastly one but it got fucked.. :P Still, this is not anything I consider GA