Re: get notice of sec update if package is on hold

[Timo Veith <tv@rz-zw.fh-kl.de>]

Am Monday, 23. August 2004 19:38 schrieb PaulNM:
> Just a note:
>
> I have 149 emails in my deb-sec-announce folder. The earliest is dated
> 12/30/2003, and the latest is 8/18/2004.  Security announce is NOT a
> high volume list, if that's your concern.
>
> PaulNM

High volume is not my concern and of course I am subscribed to 
debian-security-announce. I came across this issue because I patched a 
package, recompiled it and installed it via dpkg. After that apt-get 
upgrade wanted to replace my shiny patched package, which is not what I 
want. Thus I put it on hold.

I also got a daily apt-get update && apt-get upgrade -f script running on 
every machine. It only downloads new packages and mails the results to me 
so I can do the real upgrade. But If a package is on hold, I don't get 
notice of it any more.

I think I have to change my daily update script and make it look somewhere 
else in the system, like Thomas Stemler pointed out.

Just following deb-sec-announce is not automatic enough for me. The debian 
systems I administer know better which packages are installed on them and 
can tell me what should be done.

Please correct me if I am wrong or give me advice how I could do it 
better. Thanks.

Timo