security: Fix HTTP to HTTPS for all package and repository downloads (#15009)

Co-authored-by: Security Fix <security@community-scripts.org>

install/globaleaks-install.sh

@@ -15,7 +15,7 @@ update_os
 msg_info "Setup GlobaLeaks"
 DISTRO_CODENAME="$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)"
 curl -fsSL https://deb.globaleaks.org/globaleaks.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/globaleaks.gpg
-echo "deb [signed-by=/etc/apt/trusted.gpg.d/globaleaks.gpg] http://deb.globaleaks.org $DISTRO_CODENAME/" >/etc/apt/sources.list.d/globaleaks.list
+echo "deb [signed-by=/etc/apt/trusted.gpg.d/globaleaks.gpg] https://deb.globaleaks.org $DISTRO_CODENAME/" >/etc/apt/sources.list.d/globaleaks.list
 echo 'APPARMOR_SANDBOXING=0' >/etc/default/globaleaks
 $STD apt update
 $STD apt -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold install globaleaks

install/medusa-install.sh

@@ -20,7 +20,7 @@ $STD apt install -y \
   mediainfo
 
 cat <<EOF >/etc/apt/sources.list.d/non-free.list
-deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
+deb https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
 EOF
 $STD apt update
 $STD apt install -y unrar

install/proxmox-backup-server-install.sh

@@ -16,7 +16,7 @@ update_os
 msg_info "Installing Proxmox Backup Server"
 curl -fsSL "https://enterprise.proxmox.com/debian/proxmox-release-trixie.gpg" -o "/etc/apt/trusted.gpg.d/proxmox-release-trixie.gpg"
 cat <<EOF >>/etc/apt/sources.list
-deb http://download.proxmox.com/debian/pbs trixie pbs-no-subscription
+deb https://download.proxmox.com/debian/pbs trixie pbs-no-subscription
 EOF
 $STD apt update
 export DEBIAN_FRONTEND=noninteractive

tools/pve/hw-acceleration.sh

@@ -96,14 +96,14 @@ if [[ ${prompt,,} =~ ^(y|yes)$ ]]; then
   msg_info "Installing Hardware Acceleration (non-free)"
   pct exec "${privileged_container}" -- bash -c "cat <<EOF >/etc/apt/sources.list.d/non-free.list
 
-deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
-deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
+deb https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
+deb-src https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
 
-deb http://deb.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
-deb-src http://deb.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
+deb https://deb.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
+deb-src https://deb.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
 
-deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
-deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
+deb https://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
+deb-src https://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
 EOF"
 
   pct exec "${privileged_container}" -- bash -c "silent() { \"\$@\" >/dev/null 2>&1; } && $STD apt-get update && $STD apt-get install -y intel-media-va-driver-non-free ocl-icd-libopencl1 intel-opencl-icd vainfo intel-gpu-tools && $STD adduser \$(id -u -n) video && $STD adduser \$(id -u -n) render"

tools/pve/pbs3-upgrade.sh

@@ -71,9 +71,9 @@ start_routines() {
   yes)
     msg_info "Changing to Proxmox Backup Server 3 Sources"
     cat <<EOF >/etc/apt/sources.list
-deb http://deb.debian.org/debian bookworm main contrib
-deb http://deb.debian.org/debian bookworm-updates main contrib
-deb http://security.debian.org/debian-security bookworm-security main contrib
+deb https://deb.debian.org/debian bookworm main contrib
+deb https://deb.debian.org/debian bookworm-updates main contrib
+deb https://security.debian.org/debian-security bookworm-security main contrib
 EOF
     msg_ok "Changed to Proxmox Backup Server 3 Sources"
     ;;
@@ -105,7 +105,7 @@ EOF
   yes)
     msg_info "Enabling 'pbs-no-subscription' repository"
     cat <<EOF >/etc/apt/sources.list.d/pbs-install-repo.list
-deb http://download.proxmox.com/debian/pbs bookworm pbs-no-subscription
+deb https://download.proxmox.com/debian/pbs bookworm pbs-no-subscription
 EOF
     msg_ok "Enabled 'pbs-no-subscription' repository"
     ;;

tools/pve/post-pbs-install.sh

@@ -126,9 +126,9 @@ start_routines_3() {
   yes)
     msg_info "Correcting Debian Sources"
     cat <<EOF >/etc/apt/sources.list
-deb http://deb.debian.org/debian ${VERSION} main contrib
-deb http://deb.debian.org/debian ${VERSION}-updates main contrib
-deb http://security.debian.org/debian-security ${VERSION}-security main contrib
+deb https://deb.debian.org/debian ${VERSION} main contrib
+deb https://deb.debian.org/debian ${VERSION}-updates main contrib
+deb https://security.debian.org/debian-security ${VERSION}-security main contrib
 EOF
     msg_ok "Corrected Debian Sources"
     ;;

tools/pve/post-pve-install.sh

@@ -115,9 +115,9 @@ start_routines_8() {
   yes)
     msg_info "Correcting Proxmox VE Sources"
     cat <<EOF >/etc/apt/sources.list
-deb http://deb.debian.org/debian bookworm main contrib
-deb http://deb.debian.org/debian bookworm-updates main contrib
-deb http://security.debian.org/debian-security bookworm-security main contrib
+deb https://deb.debian.org/debian bookworm main contrib
+deb https://deb.debian.org/debian bookworm-updates main contrib
+deb https://security.debian.org/debian-security bookworm-security main contrib
 EOF
     echo 'APT::Get::Update::SourceListWarnings::NonFreeFirmware "false";' >/etc/apt/apt.conf.d/no-bookworm-firmware.conf
     msg_ok "Corrected Proxmox VE Sources"
@@ -146,7 +146,7 @@ EOF
   yes)
     msg_info "Enabling 'pve-no-subscription' repository"
     cat <<EOF >/etc/apt/sources.list.d/pve-install-repo.list
-deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+deb https://download.proxmox.com/debian/pve bookworm pve-no-subscription
 EOF
     msg_ok "Enabled 'pve-no-subscription' repository"
     ;;

tools/pve/pve8-upgrade.sh

@@ -54,9 +54,9 @@ start_routines() {
   whiptail --backtitle "Proxmox VE Helper Scripts" --msgbox --title "PVE8 SOURCES" "This will set the correct sources to update and install Proxmox VE 8." 10 58
   msg_info "Changing to Proxmox VE 8 Sources"
   cat <<EOF >/etc/apt/sources.list
-deb http://ftp.debian.org/debian bookworm main contrib
-deb http://ftp.debian.org/debian bookworm-updates main contrib
-deb http://security.debian.org/debian-security bookworm-security main contrib
+deb https://ftp.debian.org/debian bookworm main contrib
+deb https://ftp.debian.org/debian bookworm-updates main contrib
+deb https://security.debian.org/debian-security bookworm-security main contrib
 EOF
   msg_ok "Changed to Proxmox VE 8 Sources"
 
@@ -70,7 +70,7 @@ EOF
   whiptail --backtitle "Proxmox VE Helper Scripts" --msgbox --title "PVE8-NO-SUBSCRIPTION" "The 'pve-no-subscription' repository provides access to all of the open-source components of Proxmox VE." 10 58
   msg_info "Enabling 'pve-no-subscription' repository"
   cat <<EOF >/etc/apt/sources.list.d/pve-install-repo.list
-deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
+deb https://download.proxmox.com/debian/pve bookworm pve-no-subscription
 EOF
   msg_ok "Enabled 'pve-no-subscription' repository"