Package: pkgsel Version: 0.45 Tags: security Severity: important Security updates (and point releases) may include ABI bumps and new binary packages for some source packages that don't have a stable ABI. In particular, linux has done this several times this year; KiBi suggested that bind9 might sometimes do this. Normally the installer will install a metapackage such as linux-image- amd64, and a subsequent "apt upgrade" or "apt-get dist-upgrade" will update this package and pull in the new kernel package. Similarly upgrades to bind9 will pull in the new library packages. However, pkgsel by default runs "apt-get upgrade" which does *not* pull in new packages as dependencies. There is a debconf question (pkgsel/upgrade) for what type of upgrade to do, but it's low priority, and this is surely the wrong default behaviour. I think that either the default for this question should be changed to "full-upgrade", or the implementation of "safe-upgrade" should be changed to "apt upgrade". This installs new packages as dependencies but doesn't remove anything. I don't know if it's possible to get the same behaviour through options to "apt-get". Ben. -- Ben Hutchings Computers are not intelligent. They only think they are.
Attachment:
signature.asc
Description: This is a digitally signed message part