Re: sources.list - reasonably stable

[Mark Devin <mdevin@ozemail.com.au>]

"Noah L. Meyerhans" wrote:

> Packages from security.debian.org won't be installed into testing by
> apt-get, because even though they might be "newer", they still are an
> older version of the package, merely patched to fix the security
> problem.

Ohhhh.  I am beginning to see a possible problem in the future for me.

Lets say you did this:

1.  Originally had a potato dist but then decided that you wanted a program with
a
new feature that only existed in "unstable" so you edited your sources.list to
point at unstable and then did apt-get install the_neat_program.  When you did
this
it found a whole heap of dependencies that needed to be upgraded so you got these
too.

2.  Then you decided you didn't want to live in fear so you changed the
sources.list back to "stable"

3.  Then you continued to periodically update your system to make sure you have
all
the security updates.

Unfortunately, it seems that if one of the security updates was in a package
installed from "unstable" then you may never get the security update this way
since
the "stable" patched version will always be an earlier version number.

What would be the best way around this?

Thanks.

Mark.