[pve-devel] [PATCH pve-manager 1/1] Only check deb sources.list entries
Fabian Ebner
f.ebner at proxmox.com
Fri Jul 9 10:33:08 CEST 2021
Am 09.07.21 um 09:24 schrieb Rhonda D'Vine:
> The check isn't specific enough, it also catches deb-src entries and
> would give a false impression of security in certain circumstances, or
> lead to false negatives in case you have a deb-src entry for
> buster/updates even though you have bullseye-security in just the next
> line -- something that isn't that uncommon for developers.
>
> Signed-off-by: Rhonda D'Vine <rhonda at deb.at>
> ---
> PVE/CLI/pve6to7.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/PVE/CLI/pve6to7.pm b/PVE/CLI/pve6to7.pm
> index fb928a9c..30adcb19 100644
> --- a/PVE/CLI/pve6to7.pm
> +++ b/PVE/CLI/pve6to7.pm
> @@ -1010,7 +1010,7 @@ sub check_security_repo {
>
> ($line) = split(/#/, $line);
>
> - next if $line !~ m/^deb/; # is case sensitive
> + next if $line !~ m/^deb[[:space:]]/; # is case sensitive
>
> my $suite;
>
>
Of course, thank you for the fix!
FWIW, Reviewed-by: Fabian Ebner <f.ebner at proxmox.com>
I also noticed that the check is not yet in the stable-6 branch.
More information about the pve-devel
mailing list