Page 2 of 2
Re: Debian updates
Posted: 2019-01-21, 05:02
by 14themoon
This is the sequence I tried to fix the repo key:
(From a discussion about a month ago.)
wget -nv
https://download.opensuse.org/repositor ... elease.key -O Release.key
sudo apt-key add Release.key
sudo apt update
But still no success. Is Pale Moon just not destined to work well with Debian? As I stated previously,
my laptop which runs Xubuntu updated perfectly.
Re: Debian updates
Posted: 2019-01-21, 17:40
by GogrillaMincefriend
Assuming this is directed at me, that rather goes against the point of using a package manager.
Anyway, I think I've found the problem as pertains to the error I was running into; AFAICT the web proxy was feeding a stale version of the Packages file for some reason, thus aptitude was never picking up the updated hash info (don't understand how it could have spotted there was an update available though). Next update I'll have a further dig and see if this is something unique to this network setup or not (or if I find any other machines with a stale update cache).
Re: Debian updates
Posted: 2019-01-22, 21:28
by stevenpusser
14themoon wrote:This is the sequence I tried to fix the repo key:
(From a discussion about a month ago.)
wget -nv
https://download.opensuse.org/repositor ... elease.key -O Release.key
sudo apt-key add Release.key
sudo apt update
But still no success. Is Pale Moon just not destined to work well with Debian? As I stated previously,
my laptop which runs Xubuntu updated perfectly.
If you still have the original old Release.key file in that directory it will download Release.key.1 or something like that--you should see that in the code output. Try running
first, to delete it and make sure you get the fresh key.
Re: Debian updates
Posted: 2019-01-23, 02:30
by 14themoon
I don't know what you did, but I ran my update and upgrade commands and the browser seems to be up to date! Thanks for this. Should this correction hold for future updates as well?
Again, thanks for your support and efforts on behalf of Pale Moon users!
Re: Debian updates
Posted: 2019-01-23, 21:11
by stevenpusser
Well, I didn't really do anything...I suspect that you might have had the old key laying around, and maybe this time you were in a different directory or something, but hopefully the new one will be good for another few years.
I see all the Debian testing packages are back in the OBS, and getting rebuilt every day as the build-dependencies keep getting updated in Buster, but this will soon calm down as Buster enters deeper states of freeze.
Re: Debian updates
Posted: 2019-01-23, 22:10
by smoki
stevepusser wrote:Well, I didn't really do anything...
Well Steve, could be even that some people were attacked by man in the middle attacks there thorough apt that is possible too
Wrong person between OBS servers and these packages is enough to inject something and to make all this happen
Debian today released urgent 9.7 just to address one such sole apt security issue:
https://www.debian.org/News/2019/20190123
https://www.debian.org/security/2019/dsa-4371
Re: Debian updates
Posted: 2019-01-25, 20:10
by stevenpusser
I'm uploading the sources for 28.3.1 right now into the repo, so updates should start showing up in an hour or so.
https://build.opensuse.org/package/show ... r/palemoon
Re: Debian updates
Posted: 2019-01-31, 19:20
by GogrillaMincefriend
GogrillaMincefriend wrote:Anyway, I think I've found the problem as pertains to the error I was running into; AFAICT the web proxy was feeding a stale version of the Packages file for some reason, thus aptitude was never picking up the updated hash info (don't understand how it could have spotted there was an update available though). Next update I'll have a further dig and see if this is something unique to this network setup or not (or if I find any other machines with a stale update cache).
So a further dig has been done and this appears to be due to apt-cacher-ng somehow - I don't know enough about the intricacies of deb repos to make a call on what's going wrong, but when apt-cacher-ng is taken out of the equation the repo works fine. It seems that, for whatever reason, apt-cacher-ng doesn't update the package metadata on refresh of the stevenpusser repository, so clients keep using the old metadata file file size and hashes even when new files are available, resulting in the file size/hash mismatch errors I've been seeing for the last few months.
I've been using apt-cacher-ng successfully with this pale moon repo for years now so I'm not quite sure what or when the problem arose; the last update of apt-cacher-ng was back in september which
might have been when it started playing up but I'm not sure. In the meantime this
bug sounds similar to the issues I've been encountering with the repo.