Debian 10263 Published by

A bug has been discovered in the 3.1r0 CD/DVD images: new installs fromthese images will have a commented-out entry in /etc/apt/sources.list for "http://security.debian.org/ testing/updates" rather than an active entry for "http://security.debian.org/ stable/updates", and thus will not get security updates by default. This was due to incorrect Release files on the images.



If you have already installed a system using a 3.1r0 CD/DVD image, you do not need to reinstall. Instead, simply edit /etc/apt/sources.list, look for any lines mentioning security.debian.org, change "testing" to "stable", and remove "# " from the start of the line.

If you installed other than from a CD or DVD (for example, netboot, or booting from floppy and installing the base system from the network), you are not affected by this bug.

New 3.1r0a images will be available shortly to correct this flaw. In the meantime, CD vendors should delay pressing CDs or DVDs of Debian 3.1. We apologise for the inconvenience.

--
Colin Watson
Debian Release Team