On Mon, Jul 28, 2008 at 03:20:56PM +0200, Frédéric PICA wrote:
In the tool I'm developping, I rely on the package channel to know if a package was installed because of a security concern or not (never mind if this is a minor one or not) and now I can't be sure of the update type. Is there a more or less simple way to know a package type (security, bugfix, ...) ?
You're overestimating the degree of difference between a "security" fix and "just a bugfix". In other words, you're never going to get what you want because there will always be bugs where people argue about whether it warrants a security label--reference a recent discussion on linux-kernel about this very issue. Time would better be spent testing stable updates for installation rather than trying to classify them; at some point it doesn't really matter whether your machine crashed due to an obscure bug labeled "DOS" or an obscure bug labeled "hard to reproduce CRASH".
Mike Stone