Re: non-stable packages infestation

[Teresa e Junior <teresaejunior@gmail.com>]

On Sat, 25 Apr 2015 19:16:24 -0400, Kynn Jones wrote:
> On Sat, Apr 25, 2015 at 6:39 PM, Teresa e Junior
> <teresaejunior@gmail.com> wrote:
> > On Sat, 25 Apr 2015 17:35:29 -0400, Kynn Jones wrote:
> > >       $ apt-cache policy sudo
> > >       sudo:
> > >         Installed: 1.8.5p2-1+nmu2
> > >         Candidate: 1.8.5p2-1+nmu2
> > >         Version table:
> > >        *** 1.8.5p2-1+nmu2 0
> > >               100 /var/lib/dpkg/status
> > >            1.8.5p2-1+nmu1 0
> > >               500 http://debian.csail.mit.edu/debian/ stable/main amd64
> > > Packages
> > >               500 http://ftp.us.debian.org/debian/ stable/main amd64
> > > Packages
> >
> > If you disable a repository, its packages will appear as if they were
> > locally installed (/var/lib/dpkg/status).
>
> Thanks, that's good to know.  I did disable a repo I'd used for
> backports, but replaced with another (I was not being able to connect
> reliably to the first one).

Backports may be related too, but your sudo example is from wheezy 
security, see https://packages.debian.org/search?keywords=sudo

> I'm considering going back to apt, even though most of the advice I've
> read on apt vs aptitude leans in favor of the latter.  After this
> experience, I've lost trust in aptitude.

Probably old advice, apt is the most recommended nowadays.

Teresa e Junior