PKGS-7388 - Can't find any security repository #1636
Description
Describe the bug
Lynis incorrectly reports "Can't find any security repository in /etc/apt/sources.list or sources.list.d directory" on Debian 12 systems that use the modern DEB822 format for APT sources configuration. The security repository is properly configured in /etc/apt/sources.list.d/debian.sources but Lynis fails to detect it.
Version
- Distribution: Debian 12 (Bookworm)
- Lynis version: 3.1.5
Expected behavior
Lynis PKGS-7388 should recognize security repositories configured in DEB822 format files (*.sources) in /etc/apt/sources.list.d/ directory. The tool should parse these files and detect that bookworm-security suite is properly configured for security updates.
Output
[Insert the specific error message from Lynis here, e.g.:]
[WARNING] Can't find any security repository in /etc/apt/sources.list or sources.list.d directory
Current sources configuration in /etc/apt/sources.list.d/debian.sources:
Types: deb deb-src
URIs: mirror+file:///etc/apt/mirrors/debian.list
Suites: bookworm bookworm-updates bookworm-backports
Components: main
Types: deb deb-src
URIs: mirror+file:///etc/apt/mirrors/debian-security.list
Suites: bookworm-security
Components: main
Additional context
Debian 12 uses DEB822 format as the default for APT sources configuration. The security repository is properly configured and functional (verified with apt update and apt policy), but Lynis appears to only check for the legacy sources.list format. This results in false positive security warnings on properly configured Debian 12+ systems.