Ubuntu 24.04. noble-security InRelease' changed its 'Suite' value from 'noble-backports' to 'noble-security'

Question

Some of my colleagues see the following messages, when runningt apt-get update:

N: Repository 'http://security.ubuntu.com/ubuntu noble-security InRelease' changed its 'Suite' value from 'noble-backports' to 'noble-security' 
E: Repository 'http://security.ubuntu.com/ubuntu noble-security InRelease' changed its default priority for apt_preferences(5) from 100 to 500.

Is this due to a legitimate change in the ubuntu apt sources?

Or is this some local misconfiguration?

score 1 · Answer 1 · edited Apr 02 '25 at 13:08

As announced in the comment, I will post the additonal information in this "answer".

We believe security.ubuntu.com is used by ubuntu 24.04.2 by default. To test this, I downloaded the latest ubuntu 24.04.2 iso image from https://ubuntu.com/download/desktop and installed it in a virtual box guest machine.

After default installation, the files look like this:

# ls -l /etc/apt/sources.list.d/
total 8
-rw-r--r-- 1 root root  386 Apr  2 10:45 ubuntu.sources
-rw-r--r-- 1 root root 2552 Feb 15 09:15 ubuntu.sources.curtin.orig

ubuntu.sources has the following content:

Types: deb
URIs: http://de.archive.ubuntu.com/ubuntu/
Suites: noble noble-updates noble-backports
Components: main restricted universe multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
Types: deb
URIs: http://security.ubuntu.com/ubuntu/
Suites: noble-security
Components: main restricted universe multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg

and ubuntu.sources.curtin.orig has the following content:

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
Ubuntu distribution repository

The following settings can be adjusted to configure which packages to use from Ubuntu.
Mirror your choices (except for URIs and Suites) in the security section below to
ensure timely security updates.

Types: Append deb-src to enable the fetching of source package.
URIs: A URL to the repository (you may add multiple URLs)
Suites: The following additional suites can be configured
<name>-updates   - Major bug fix updates produced after the final release of the
distribution.
<name>-backports - software from this repository may not have been tested as
extensively as that contained in the main release, although it includes
newer versions of some applications which may provide useful features.
Also, please note that software in backports WILL NOT receive any review
or updates from the Ubuntu security team.
Components: Aside from main, the following components can be added to the list
restricted  - Software that may not be under a free license, or protected by patents.
universe    - Community maintained packages. Software in this repository receives maintenance
from volunteers in the Ubuntu community, or a 10 year security maintenance
commitment from Canonical when an Ubuntu Pro subscription is attached.
multiverse  - Community maintained of restricted. Software from this repository is
ENTIRELY UNSUPPORTED by the Ubuntu team, and may not be under a free
licence. Please satisfy yourself as to your rights to use the software.
Also, please note that software in multiverse WILL NOT receive any
review or updates from the Ubuntu security team.

See the sources.list(5) manual page for further settings.
Types: deb
URIs: http://archive.ubuntu.com/ubuntu/
Suites: noble noble-updates noble-backports
Components: main universe restricted multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
Ubuntu security updates. Aside from URIs and Suites,
this should mirror your choices in the previous section.
Types: deb
URIs: http://security.ubuntu.com/ubuntu/
Suites: noble-security
Components: main universe restricted multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg

And then there is the InRelase file:

# ls -l /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_noble-security_InRelease
-rw-r--r-- 1 root root 126127 Apr  2 08:02 /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_noble-security_InRelease

content:

# less /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_noble-security_InRelease
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Origin: Ubuntu
Label: Ubuntu
Suite: noble-security
Version: 24.04
Codename: noble
Date: Wed, 02 Apr 2025  6:01:46 UTC
Architectures: amd64 arm64 armhf i386 ppc64el riscv64 s390x
Components: main restricted universe multiverse
Description: Ubuntu Noble Security
MD5Sum:
 8f388e272898b0c118bc51664fbff8ca        893077933 Contents-amd64
 688bb94785c0efee38cc18652bf6c92c         49417276 Contents-amd64.gz
 bd9b8aa1575b735b2459450c86b65a2f       1179776956 Contents-arm64
 2b16ddda5e7d8c0993b4dc7f1127b59e         64573958 Contents-arm64.gz
 (...)

So even the freshly downloaded and installed ubuntu 24.04.2 (desktop) seems to be using the source security.ubuntu.com by default.

Artur Meinild · Answer 2 · 2025-03-30T17:05:13.473

This seems like a local misconfiguration, since the default repos don't use http://security.ubuntu.com/ubuntu as the server, but instead uses http://archive.ubuntu.com/ubuntu/, as indicated here:

deb http://archive.ubuntu.com/ubuntu/ noble main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu/ noble main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu/ noble-updates main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu/ noble-updates main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu/ noble-security main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu/ noble-security main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu/ noble-proposed main restricted universe multiverse
#deb-src http://archive.ubuntu.com/ubuntu/ noble-proposed main restricted universe multiverse

So in the /etc/apt/sources.list, change all references from http://security.ubuntu.com/ubuntu to http://archive.ubuntu.com/ubuntu/, and it should be properly configured.

Edit: However, in 24.04 this should usually be configured in /etc/apt/sources.list.d/ubuntu.sources instead (thanks).

Another option is to completely restore the default repositories.

Ubuntu 24.04. noble-security InRelease' changed its 'Suite' value from 'noble-backports' to 'noble-security'

2 Answers2

Ubuntu distribution repository

The following settings can be adjusted to configure which packages to use from Ubuntu.

Mirror your choices (except for URIs and Suites) in the security section below to

ensure timely security updates.

Types: Append deb-src to enable the fetching of source package.

URIs: A URL to the repository (you may add multiple URLs)

Suites: The following additional suites can be configured

<name>-updates - Major bug fix updates produced after the final release of the

distribution.

<name>-backports - software from this repository may not have been tested as

extensively as that contained in the main release, although it includes

newer versions of some applications which may provide useful features.

Also, please note that software in backports WILL NOT receive any review

or updates from the Ubuntu security team.

Components: Aside from main, the following components can be added to the list

restricted - Software that may not be under a free license, or protected by patents.

universe - Community maintained packages. Software in this repository receives maintenance

from volunteers in the Ubuntu community, or a 10 year security maintenance

commitment from Canonical when an Ubuntu Pro subscription is attached.

multiverse - Community maintained of restricted. Software from this repository is

ENTIRELY UNSUPPORTED by the Ubuntu team, and may not be under a free

licence. Please satisfy yourself as to your rights to use the software.

Also, please note that software in multiverse WILL NOT receive any

review or updates from the Ubuntu security team.

See the sources.list(5) manual page for further settings.

Ubuntu security updates. Aside from URIs and Suites,

this should mirror your choices in the previous section.