Only check deb sources.list entries

The check isn't specific enough, it also catches deb-src entries and
would give a false impression of security in certain circumstances, or
lead to false negatives in case you have a deb-src entry for
buster/updates even though you have bullseye-security in just the next
line -- something that isn't that uncommon for developers.

Signed-off-by: Rhonda D'Vine <rhonda@deb.at>
Reviewed-by: Fabian Ebner <f.ebner@proxmox.com>
(cherry picked from commit f00ebb3699621c795a515151b1f2632c731ed556)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/PVE/CLI/pve6to7.pm b/PVE/CLI/pve6to7.pm
index a3c791fb74be74bab99877afb54e0b66424ab1bd..2134428d4bb0ed4457211590fa5287cc5295f7a6 100644 (file)
--- a/PVE/CLI/pve6to7.pm
+++ b/PVE/CLI/pve6to7.pm
@@ -1010,7 +1010,7 @@ sub check_security_repo {
 
            ($line) = split(/#/, $line);
 
-           next if $line !~ m/^deb/; # is case sensitive
+           next if $line !~ m/^deb[[:space:]]/; # is case sensitive
 
            my $suite;