Re: The following packages have been kept back

To: debian-laptop@lists.debian.org
Subject: Re: The following packages have been kept back
From: Matus UHLAR - fantomas <uhlar@fantomas.sk>
Date: Tue, 20 Nov 2018 20:23:07 +0100
Message-id: <[🔎] 20181120192307.GA5576@fantomas.sk>
Mail-followup-to: debian-laptop@lists.debian.org
In-reply-to: <[🔎] 20181120183918.bfvavrvu5j2nymxv@basil.wdw>
References: <[🔎] alpine.BSF.2.21.9999.1811190634330.60610@aneurin.horsfall.org> <[🔎] 20181119150928.h42ofybvglkng4g2@basil.wdw> <[🔎] 20181119161223.GA3498@fantomas.sk> <[🔎] 20181120183918.bfvavrvu5j2nymxv@basil.wdw>

On 19.11.18 10:09, Marvin Renich wrote:
> If you say «apt-get install firmware-linux-nonfree» it should tell you
> what it is going to do and ask for confirmation if any other packages
> will be installed or removed.

* Matus UHLAR - fantomas <uhlar@fantomas.sk> [181119 11:13]:

I would call this unfortunate, because security update should not bring new
packages unless really needed.


On 20.11.18 13:39, Marvin Renich wrote:

This does not appear to be a security update, but (looking at the
version numbers involved) a release upgrade from jessie to stretch,
though I could be wrong.  Security updates, in general, do not add or
remove dependencies without a real need.  The security team is very
sensitive to this.


It's an update due to a security bug, so I believe it's correct to call it a
security update.

However it happened in jessie that is in LTS state, so it's not the security
but the LTS team who took care of that.

Also, unattended-upgrades does not simply do apt-get
upgrade; I believe it does allow changing dependencies.


I didn't say that, I just noted that both unattended-upgrades and
"apt-get upgrade" seem to behave the same way here.

I'm not sure why you say «apt-get install ...» asking for confirmation
is unfortunate (or were you saying something else?).


unfortunate is that a security update bringsa in a new package when there

seems to be no reason for that.I can understand that for wireshark or clamav if they bring new libraries

with new ABI, but firmware doesn't seem to be the case.

I may be wrong about the reasons of course.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.

I feel like I'm diagonally parked in a parallel universe.

Reply to:

References:
- The following packages have been kept back
  - From: Dave Horsfall <dave@horsfall.org>
- Re: The following packages have been kept back
  - From: Marvin Renich <mrvn@renich.org>
- Re: The following packages have been kept back
  - From: Matus UHLAR - fantomas <uhlar@fantomas.sk>
- Re: The following packages have been kept back
  - From: Marvin Renich <mrvn@renich.org>

Prev by Date: Which system monitor for temperature (mainboard, CPU) and fan values ?
Next by Date: Re: Which system monitor for temperature (mainboard, CPU) and fan values ?
Previous by thread: Re: The following packages have been kept back
Next by thread: Which system monitor for temperature (mainboard, CPU) and fan values ?
Index(es):
- Date
- Thread