For Debian Jessie we've pinned openssl to version from backports, which is 1.0.2. However, apt is now reporting it will downgrade openssl and a bunch of other stuff. It could be a dependency snafu. Figure out what changed, and fix the pin configuration.
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | jbond | T219333 apt-get update broken on jessie: jessie-updates and jessie-backports removed by Debian | |||
Resolved | Jgreen | T219280 sort out jessie vs jesse-backports vs openssl pinning issue |
Event Timeline
https://lists.debian.org/debian-devel-announce/2019/03/msg00006.html
Security support has ended for the backports repo, and it has been removed from the mirror network. It's supposedly available at archive.debian.org but the Release file is expired. SoooOooOooOoo, we should upgrade all Jessie hosts that rely on backports to Stretch ASAP.
Is this still an issue, the openssl package is provided via jessi-wikimedia/main
jbond@jbond-jessie:~$ apt-cache policy openssl openssl: Installed: 1.0.2r-1~wmf1 Candidate: 1.0.2r-1~wmf1 Version table: *** 1.0.2r-1~wmf1 0 1001 http://apt.wikimedia.org/wikimedia/ jessie-wikimedia/main amd64 Packages 100 /var/lib/dpkg/status
If so can you provide me with an example machine
Thanks John
Thanks for the info John. Fundraising doesn't use the wmf repositories, we try to stay as close as possible to stock Debian. Instead we are resolving this by fast-tracking the phaseout of our few remaining Jessie hosts.
Adjusted apt sources and pin settings short term, while we finish phasing out jessie hosts.