Re: security vs. proposed-updates
Uwe Hees said:
> Hello all,
>
> I have some computers running woddy with woody-proposed-updates. The
> recent sendmail bug revealed the problem that the version number of the
> security fix is less then the (older) version in proposed-updates. Thus
> the sendmail does not get updated and the security hole remains on those
> systems.
>
> What am I, what are others, supposed to do?
you could force install the sendmail from security, then put the
package on hold.
dpkg --get-selections >selections
(edit selections, find sendmail & friends and change install to hold)
dpkg --set-selections <selections
once the new sendmail is in proposed updates, or a newer patched
one is you can apt-get install sendmail and it should override the
package hold status I think(apt-get upgrade won't override package
hold)
and/or don't use proposed updates. I think I used proposed updates
once a couple years back for potato, never needed it since.
nate
Reply to: