[bitfolk] Fwd: [SECURITY] [DLA 1637-1] apt security update

Hi, I've discussed this issue with Andy and he has asked me to post it here for wider discussion. I've not yet succesfully performed the upgrade yet. I'd be interested to hear what others have done or are intending to do. 8<----- I've received the attached regarding some apt security problems that involve HTTP redirects. The message says that some mirrors have trouble with it and, indeed, when I try it against the http://apt-cacher.lon.bitfolk.com mirrors, `sudo apt -o Acquire::http::AllowRedirect=false update` gives me ----- ... Fetched 15.5 kB in 4s (3,224 B/s) W: Failed to fetch http://apt-cacher.lon.bitfolk.com/debian/security.debian.org/dists/jessie/u… 302 Found W: Failed to fetch http://apt-cacher.lon.bitfolk.com/debian/security.debian.org/dists/jessie/u… 302 Found ----- and `sudo apt -o Acquire::http::AllowRedirect=false upgrade` gives me ----- ... WARNING: The following packages cannot be authenticated! ... ----- I guess I can follow the advice in the message and use the original server for this upgrade but I thought I'd make you aware of it. Perhaps if the cache was already populated it would work OK? Regards, @ndy -- andyjpb(a)ashurst.eu.org http://www.ashurst.eu.org/ 0x7EBA75FF