On 25/01/2019 19:11, Kent West wrote:
>
>
> On Fri, Jan 25, 2019 at 1:10 PM Kent West <westk@acu.edu
> <mailto:westk@acu.edu>> wrote:
>
>
> $ apt update
> $ apt dist-upgrade
>
>
> Sorry, that should have been
>
> # sudo apt update
> # sudo apt dist-upgrade
>
> or, as root,
>
> # apt update
> # apt dist-upgrade
>
> --
> Kent West <")))><
> Westing Peacefully - http://kentwest.blogspot.com
So in this context what is the differences between upgrade and
dist-upgrade ? I just used apt upgrade and generally use apt
dist-upgrade to go between the main Debian releases, as in 8 -> 9.
Given the apt bug does dist-upgrade do something else.?
If the vulnerability to which you refer is the "lateral movement" bug, it's been around quite a while (2009?), but only recently discovered. It's also been fixed (to my understanding) as of apt 1.4.9, which you say you have.
So the dist-upgrade does not do anything else "given the apt bug".
The basic difference between upgrade and dist-upgrade is that upgrade doesn't remove existing or pull in not-installed stuff, whereas dist-upgrade might. The former is good when you need a box to undergo minimal change; the latter is good when you just want things to "work". The former is probably more suitable for servers, the latter for end-user computers.
I usually do "dist-upgrade" out of habit (as I spend most of my time on end-user computers); but "upgrade" might be, at least theoretically, safer.
--