Re: problem with version numbering in packages openssl and libssl1.0.0?
On Fri, Aug 12, 2016 at 11:24:31AM +0100, Liam O'Toole wrote:
> On 2016-08-12, Daniel <daniel@zift.no> wrote:
> > Is there a problem with the version numbering for the packages
> > "openssl" and "libssl1.0.0"? It seems I get the version from
> > jessie/main and that the version from jessie/updates/main is
> > ignored because of the extra letter in the version number.
> > Isn't 1.0.1k-3+deb8u5 the prefered version here? If so, then
> > I suspect lots of Debian stable users are stuck on a version
> > without the latest security patches, which I would consider
> > very bad.
> >
> > Or is it just me being confused or have missed something?
> >
--Snip
> > root:~# apt-cache policy openssl
> > openssl:
> > Installed: 1.0.1t-1+deb8u2
> > Candidate: 1.0.1t-1+deb8u2
> > Version table:
> > *** 1.0.1t-1+deb8u2 0
> > 500 http://ftp.no.debian.org/debian/ jessie/main amd64 Packages
> > 100 /var/lib/dpkg/status
> > 1.0.1k-3+deb8u5 0
> > 500 http://security.debian.org/ jessie/updates/main amd64 Packages
> > root:~#
> >
> > ---Paste ends
>
> Note the letters 't' and 'k' in the version strings. Alpha-numeric
> sorting makes 1.0.1t-1+deb8u2 the preferred version.
>
> --
>
> Liam
>
I know. I just wondered if that was the intention. I would think that
the one in jessie/updates/main is usually prefered over the ones from
jessie/main
- Daniel
Reply to: