Find the answer to your Linux question:
Results 1 to 6 of 6
I just thought that those who install Debian 3.1 should know this. A minor bug in the CD and DVD images for the 3.1 release of Debian GNU/Linux means those ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Banned Richard_The_Lionhearted's Avatar
    Join Date
    Feb 2005
    Location
    Here, where else?
    Posts
    379

    Sarge bug hits security updates


    I just thought that those who install Debian 3.1 should know this.

    A minor bug in the CD and DVD images for the 3.1 release of Debian GNU/Linux means those installing the operating system from these images will not get security updates by default, a senior developer says.

    Version 3.1, Sarge, was released yesterday.

    Colin Watson said in a post to the debian-devel-announce mailing list that the list of sources in these CDs/DVDs for updating the distribution had the URL for security updates commented out for the testing stream of the distribution.

    The list of sources for updating should instead have had an URL for the stable release, he said.

    The Debian project has three streams in development at all times - stable, testing and unstable. Only security updates are released for the stable stream.

    The testing stream becomes the next stable release. The unstable stream is cutting-edge stuff and only very experienced people use it.
    AdvertisementAdvertisement

    "If you have already installed a system using a 3.1r0 CD/DVD image, you do not need to reinstall," Watson wrote. "Instead, simply edit /etc/apt/sources.list, look for any lines mentioning security.debian.org, change "testing" to "stable", and remove "# " from the start of the line.

    "If you installed other than from a CD or DVD (for example, netboot, or booting from floppy and installing the base system from the network), you are not affected by this bug."

    A similar incident happened when the project released revision 4 of version 2.2.

  2. #2
    Linux Engineer
    Join Date
    Aug 2004
    Posts
    826
    That links to a page asking me to register. Is there another source of this information?

    http://www.debian.org/security/ doesn't say anything about any recent security bugs after the release of 3.1.

  3. #3
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Guess they needed more time for testing Sarge before releasing it...

    Here's another link:

    http://www.zdnet.com.au/news/securit...9195896,00.htm

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User Krendoshazin's Avatar
    Join Date
    Feb 2005
    Location
    London, England
    Posts
    471
    at least it's not serious, just a small mistake of not setting a default setting, and it should be pretty easy to fix if you've already installed it, these things happen

  6. #5
    Linux Engineer
    Join Date
    Aug 2004
    Posts
    826
    Ah, I see. And it seems net-inst and floppy installs are not affected anyways.

    Here's the post on the Debian mailing lists that explains what to do if you did install from CD/DVD: http://lists.debian.org/debian-cd/2005/06/msg00082.html

  7. #6
    Banned Richard_The_Lionhearted's Avatar
    Join Date
    Feb 2005
    Location
    Here, where else?
    Posts
    379
    There fixed

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •