[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#211356: ssh: package in woody-proposed-updates overwrites security fixed package from security.debian.org!

On Wed, Sep 17, 2003 at 11:26:37AM +0200, Marc Schiffbauer wrote:
> mschiff@pluto:~$ apt-cache policy ssh
> ssh:
>   Installed: 1:3.4p1-1.1
>   Candidate: 1:3.4p1-1.woody.1
>   Version Table:
>      1:3.4p1-1.woody.1 0
>         500 http://ftp.de.debian.org woody-proposed-updates/main
> Packages
>  *** 1:3.4p1-1.1 0
>         500 http://security.debian.org stable/updates/main Packages
>         100 /var/lib/dpkg/status
>      1:3.4p1-1 0
>         500 http://ftp.debian.org woody/main Packages
> mschiff@pluto:~$
> 
> 
> So if one always installs packages from woody-proposed-updates he will
> never get the security fixed update by NMU because 
>   1:3.4p1-1.woody.1 > 1:3.4p1-1.1

This is known and in fact was announced in the DSA. I'm told that this
will be fixed in the next security update.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: