Here’s another important package with a security issue and it’s missing update:
I have to keep my notebook secure and can’t wait any longer for a solution here.
I defined the debian repositories
root@pureOS1:~$ cat /etc/apt/sources.list.d/debian.list | grep -v ^#
deb http://deb.debian.org/debian/ bullseye main contrib non-free
deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free
deb http://deb.debian.org/debian-security/ bullseye-security main contrib non-free
Installed the keys for the repos and pinned like this:
root@pureOS1:~$ cat /etc/apt/preferences.d/pinning | grep -v ^#
Package: *
Pin: release v=11,o=Debian,a=stable-security,n=bullseye-security
Pin-Priority: 990
Package: *
Pin: release o=PureOS
Pin-Priority: 989
Package: *
Pin: release o=debian
Pin-Priority: 2
Package: *
Pin: release o=Debian Backports
Pin-Priority: 1
I removed apache2-bin apt-get purge apache2-bin which I do not need since I do not use gnome-user-share which in my installation was the only package depending on apache2-bin.
Using apt-get upgrade this led to the upgrade of the following packages
exiv2 firefox-esr ghostscript ghostscript-x gir1.2-grilo-0.3 libc-ares2 libexiv2-27 libgrilo-0.3-0 libgs9
libgs9-common libntfs-3g883 libperl5.32 libssh-4 libssh-gcrypt-4 libssl-dev libssl1.1
libxmlgraphics-commons-java lynx lynx-common ntfs-3g openssl perl perl-base perl-doc perl-modules-5.32
squashfs-tools thunderbird thunderbird-l10n-de