From b8436f0c6b7473c53f3bcbca741dd755a9ce89fe Mon Sep 17 00:00:00 2001
From: Rhonda D'Vine <rhonda@deb.at>
Date: Fri, 9 Jul 2021 09:24:41 +0200
Subject: [PATCH] Only check deb sources.list entries

The check isn't specific enough, it also catches deb-src entries and
would give a false impression of security in certain circumstances, or
lead to false negatives in case you have a deb-src entry for
buster/updates even though you have bullseye-security in just the next
line -- something that isn't that uncommon for developers.

Signed-off-by: Rhonda D'Vine <rhonda@deb.at>
Reviewed-by: Fabian Ebner <f.ebner@proxmox.com>
---
 PVE/CLI/pve6to7.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PVE/CLI/pve6to7.pm b/PVE/CLI/pve6to7.pm
index fb928a9c..30adcb19 100644
--- a/PVE/CLI/pve6to7.pm
+++ b/PVE/CLI/pve6to7.pm
@@ -1010,7 +1010,7 @@ sub check_security_repo {
 
 	    ($line) = split(/#/, $line);
 
-	    next if $line !~ m/^deb/; # is case sensitive
+	    next if $line !~ m/^deb[[:space:]]/; # is case sensitive
 
 	    my $suite;