Comment 12 for bug 306356

In the above, I should add that the version of /etc/apt/sources.list when using base-installer from hardy-proposed references the passed in security_host in the commented out line for hardy-security.

I've now verified the same behavior for intrepid, using the netboot iso at http://archive.ubuntu.com/ubuntu/dists/intrepid/main/installer-i386/20080522ubuntu23/images/netboot/mini.iso (the current intrepid-proposed netboot iso doesn't boot due to kernel version mismatches); without proposed, base-installer gets security archive information the first time off of archive.ubuntu.com instead of the apt-setup/security_host value. Using apt-setup/proposed=true, which pulls in the base-installer from intrepid-proposed causes all attempts to grab information for the intrepid-security repo to use the apt-setup/security_host value.