Marcin Owsiany wrote:
is it normal behavior for systems having woody-proposed-updates among apt sources NOT to have a mysql update for the recently announced mysql server vuln. ?As for how to cope with the proposed-updates/security updates desynchroni[zs]ation, see http://lists.debian.org/debian-security/2003/debian-security-200309/msg00146.html
Thanks for the tip, it works now. Nevertheless, I don't find this desync acceptable. Now one can't rely on apt-get update; apt-get upgrade to have a system patched for all the known vulns, but has to check manually if a newer AND UNPATCHED package is in proposed-updates and add the corresponding entries in /etc/apt/preferences by hand. :S Is it OK for the debian folks, and they don't intend to do anything about this issue ? .SiCk of IT.