[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Setting APT::Default-Release prevents installation of security updates in bookworm!?

Hi Paul,

On Sat, Jul 22, 2023 at 03:56:02PM +0800, Paul Wise wrote:
> > One mention I found is in Raphaël and Roland's DAH (now in CC):
> > https://debian-handbook.info/browse/stable/sect.apt-get.html#sect.apt-upgrade
> Probably better to file a bug about this, so it is tracked.

Ah, I didn't realise debian-handbook has a package in the archive :)

Done, Bug#1041706: debian-handbook: Wrong advice on APT::Default-Release preventing security updates.

> > What I don't understand is why the security repo codename wasn't changed to
> > $codename/security? Wouldn't that be handled correctly by APT? Unless the
> > /update string in particular had special handling?
> You will have to ask the apt developers and archive admins about this,
> but at the end of the day reverting it is unlikely to happen, so
> probably it is something everyone will just have to learn to live with.

I've had a quick look at the apt code now and indeed it seems to handle
$codename/$whatever as equivalent to $codename, see metaIndex::CheckDist.

I don't see why we couldn't revert this change. Anybody who's applied the
hack from the bullseye release-notes will be unaffected as the regex will
still match a plain code/suite-name but people who never applied this
advice will get their security updates back.

I've sent a bug to apt as well, just about the doc references for now:
Bug#1041708: apt: Manpages have wrong advice on APT::Default-Release
preventing security updates.

Who do I contact about the archive aspects? FTP-master or the
security-team? The security-team is in CC on the doc bugs so I'm hoping
they will see it anyway.


Reply to: