[Bug 2100714] Re: apt cannot update from security repo

Julian Andres Klode 2100714 at bugs.launchpad.net
Thu Mar 6 11:07:11 UTC 2025 

I think you can pass -o Debug::RunScripts=1

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2100714

Title:
  apt cannot update from security repo

Status in apt package in Ubuntu:
  Invalid

Bug description:
  server constantly returns "301 moved permanently" to ... itself, and
  apt times out. This feels like a security issue tbh.

  
  ```
  root at server-02:~# apt update
  Hit:1 https://archive.ubuntu.com/ubuntu noble InRelease                                                                                                                 
  Hit:2 https://archive.ubuntu.com/ubuntu noble-updates InRelease                                                                                                         
  Hit:3 https://archive.ubuntu.com/ubuntu noble-backports InRelease                                                                                                       
  Hit:4 https://download.docker.com/linux/ubuntu noble InRelease                                                                                                          
  Hit:5 https://security.ubuntu.com/ubuntu noble-security InRelease
  Error: Timeout was reached
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  All packages are up to date.
  root at server-02:~# 
  ```

  
  curl -v 

  
  ```

  root at server-02:~# curl -v https://security.ubuntu.com/ubuntu
  * Host security.ubuntu.com:443 was resolved.
  * IPv6: 2620:2d:4000:1::101, 2620:2d:4000:1::103, 2620:2d:4002:1::102, 2620:2d:4000:1::102, 2620:2d:4002:1::103, 2620:2d:4002:1::101
  * IPv4: 91.189.91.82, 185.125.190.83, 91.189.91.83, 185.125.190.82, 185.125.190.81, 91.189.91.81
  *   Trying 91.189.91.82:443...
  * Connected to security.ubuntu.com (91.189.91.82) port 443
  * ALPN: curl offers h2,http/1.1
  * TLSv1.3 (OUT), TLS handshake, Client hello (1):
  *  CAfile: /etc/ssl/certs/ca-certificates.crt
  *  CApath: /etc/ssl/certs
  * TLSv1.3 (IN), TLS handshake, Server hello (2):
  * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  * TLSv1.3 (IN), TLS handshake, Certificate (11):
  * TLSv1.3 (IN), TLS handshake, CERT verify (15):
  * TLSv1.3 (IN), TLS handshake, Finished (20):
  * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
  * TLSv1.3 (OUT), TLS handshake, Finished (20):
  * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / RSASSA-PSS
  * ALPN: server accepted http/1.1
  * Server certificate:
  *  subject: CN=security.ubuntu.com
  *  start date: Feb 12 19:21:44 2025 GMT
  *  expire date: May 13 19:21:43 2025 GMT
  *  subjectAltName: host "security.ubuntu.com" matched cert's "security.ubuntu.com"
  *  issuer: C=US; O=Let's Encrypt; CN=R11
  *  SSL certificate verify ok.
  *   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
  *   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
  *   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha256WithRSAEncryption
  * using HTTP/1.x
  > GET /ubuntu HTTP/1.1
  > Host: security.ubuntu.com
  > User-Agent: curl/8.5.0
  > Accept: */*
  > 
  * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  * old SSL session ID is stale, removing
  < HTTP/1.1 301 Moved Permanently
  < Date: Sun, 02 Mar 2025 20:02:35 GMT
  < Server: Apache/2.4.52 (Ubuntu)
  < Location: https://security.ubuntu.com/ubuntu/
  < Content-Length: 329
  < Content-Type: text/html; charset=iso-8859-1
  < 
  <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  <html><head>
  <title>301 Moved Permanently</title>
  </head><body>
  <h1>Moved Permanently</h1>
  <p>The document has moved <a href="https://security.ubuntu.com/ubuntu/">here</a>.</p>
  <hr>
  <address>Apache/2.4.52 (Ubuntu) Server at security.ubuntu.com Port 443</address>
  </body></html>
  * Connection #0 to host security.ubuntu.com left intact
  root at server-02:~# 
  ```

  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: apt 2.7.14build2
  ProcVersionSignature: Ubuntu 6.8.0-53.55-generic 6.8.12
  Uname: Linux 6.8.0-53-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.28.1-0ubuntu3.3
  Architecture: amd64
  CasperMD5CheckResult: pass
  CloudArchitecture: x86_64
  CloudID: none
  CloudName: none
  CloudPlatform: none
  CloudSubPlatform: config
  Date: Sun Mar  2 19:47:19 2025
  InstallationDate: Installed on 2024-04-05 (331 days ago)
  InstallationMedia: Ubuntu-Server 22.04.3 LTS "Jammy Jellyfish" - Release amd64 (20230810)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: apt
  UpgradeStatus: Upgraded to noble on 2025-02-12 (18 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2100714/+subscriptions

More information about the foundations-bugs mailing list