Bug#992194: Need to reflect Debian project preferences on repo keys

Package: release-notes Severity: normal The project really needs to make its mind up which way it is going in terms of managing repo keys. The bullseye release notes, e.g. 5.3.2. Deprecated components for bullseye make reference to "Keys should be managed by dropping files into /etc/apt/truste

Bug#992195: Remove reference to undocumented APT feature

Package: release-notes Severity: normal Re: 5.1.2 "which takes advantage of the undocumented feature of APT that it supports regular expressions (inside /)." Why are we encouraging people to use undocumented features ? It surely just sets you up for a future fail when people try to use the tric

Bug#1030119: release-notes: openssh-server: fills the log with "deprecated reading of user environment enabled"

You wanted to "track down an actual reason for this change" ? Try this: CVE-2011-3148 CVE-2011-3149 As summarised by Redhat (https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.4_technical_notes/pam): If an application's PAM configuration contained user_readenv=1, a