Am 23. Januar 2019 23:54:10 MEZ schrieb KatolaZ <katolaz@???>:
> No Florian, there is no "not-redirecting" repository in Devuan. Any
> Devuan repo will redirect to the corresponding Debian repo for all the
> packages that have not been forked by Debian, so you can't set
> AllowRedirect to false.
>
> The safest way is to manually download apt from the Debian pool, as
> explained in the email I forwarded. Or, if you trust Devuan, to use
> pkgmaster.devuan.org in your sources.list (that one is the master
> Devuan repo, and is on a machine to which only a reduced number of
> core developers have access), do the update, and then put back
> deb.devuan.org.
>
> HTH
>
> KatolaZ
Hallo Katolaz,
thanks for the quick clarification, I was just about to type a follow up message. Do IIUC that without tls it is still possible to mount a MITM attack?
::
Re: [DNG] [corsac@debian.org: [SECU…
