Package priority puzzlement

To: debian-user@lists.debian.org
Subject: Package priority puzzlement
From: craig duncan <gunkilatur@gmail.com>
Date: Tue, 14 Sep 2021 15:56:56 -0700
Message-id: <[🔎] b5615c72-4dde-c01b-e0f8-42c7fab7f563@gmail.com>

I just installed Bullseye after -- as a long-time Debian user -- having had my hard drive corrupted by USB devices.
I used to run testing, so i thought i would get there, but first i wanted to install the apps i wanted, get things working, and then migrate to testing.
During the install, i also enabled security-updates. In fact, i added both sid and testing to my sources.list (after booting into new install).

I'm seeing some strange behavior which i cannot figure out when i go to upgrade or add packages... best demonstrated by the particular cases i am puzzling over.
First:

cat /etc/apt/apt.conf
APT::Default-Release "stable";

And there are 9 pre-installed scripts in /etc/apt/apt.conf.d that i don't believe are relevant to any of this.

So, when i do: "aptitude safe-upgrade":

The following NEW packages will be installed:
libbotan-2-18{a} libidn12{a}
The following packages will be REMOVED:
libbotan-2-17{u}
The following packages will be upgraded:
libgs9 libgs9-common libperl5.32 libssh-gcrypt-4 openssl perl perl-base
perl-modules-5.32 thunderbird
9 packages upgraded, 2 newly installed, 1 to remove and 1 not upgraded.
Need to get 13.0 MB/57.1 MB of archives. After unpacking 252 kB will be used.
Do you want to continue? [Y/n/?]

# aptitude why libidn12
i gimp Depends libgs9 (>= 8.61.dfsg.1)
p A libgs9 Depends libidn12 (>= 1.13)

# apt-cache policy libgs9
libgs9:
Installed: 9.53.3~dfsg-7+deb11u1
Candidate: 9.53.3~dfsg-8
Version table:
     9.53.3~dfsg-8 500
        500 http://deb.debian.org/debian sid/main amd64 Packages
*** 9.53.3~dfsg-7+deb11u1 500
        500 http://security.debian.org/debian-security bullseye-security/main amd64 Packages
        100 /var/lib/dpkg/status
     9.53.3~dfsg-7+b1 500
        500 http://deb.debian.org/debian testing/main amd64 Packages
     9.53.3~dfsg-7 990
        990 http://deb.debian.org/debian bullseye/main amd64 Packages

# apt-cache policy gimp
gimp:
Installed: 2.10.22-4
Candidate: 2.10.22-4
Version table:
     2.10.26-1 500
        500 http://deb.debian.org/debian sid/main amd64 Packages
*** 2.10.22-4 990
        990 http://deb.debian.org/debian bullseye/main amd64 Packages
        500 http://deb.debian.org/debian testing/main amd64 Packages
        100 /var/lib/dpkg/status

# apt-cache show libgs9|egrep 'Version|libidn'
Version: 9.53.3~dfsg-8
Depends: libgs9-common (= 9.53.3~dfsg-8), poppler-data, libc6 (>= 2.29), libcups2 (>= 2.3~b6), libfontconfig1 (>= 2.12.6), libfreetype6 (>= 2.10.1), libidn12 (>= 1.13), libijs-0.35 (>= 0.35), libjbig2dec0 (>= 0.16+20190905), libjpeg62-turbo (>= 1.3.1), liblcms2-2 (>= 2.6), libopenjp2-7 (>= 2.0.0), libpaper1, libpng16-16 (>= 1.6.2-1), libtiff5 (>= 4.0.3), zlib1g (>= 1:1.2.0)
Version: 9.53.3~dfsg-7+deb11u1
Depends: libgs9-common (= 9.53.3~dfsg-7+deb11u1), poppler-data, libc6 (>= 2.29), libcups2 (>= 2.3~b6), libfontconfig1 (>= 2.12.6), libfreetype6 (>= 2.10.1), libidn11 (>= 1.13), libijs-0.35 (>= 0.35), libjbig2dec0 (>= 0.16+20190905), libjpeg62-turbo (>= 1.3.1), liblcms2-2 (>= 2.6), libopenjp2-7 (>= 2.0.0), libpaper1, libpng16-16 (>= 1.6.2-1), libtiff5 (>= 4.0.3), zlib1g (>= 1:1.2.0)
Version: 9.53.3~dfsg-7+b1
Depends: libgs9-common (= 9.53.3~dfsg-7), poppler-data, libc6 (>= 2.29), libcups2 (>= 2.3~b6), libfontconfig1 (>= 2.12.6), libfreetype6 (>= 2.10.1), libidn12 (>= 1.13), libijs-0.35 (>= 0.35), libjbig2dec0 (>= 0.16+20190905), libjpeg62-turbo (>= 1.3.1), liblcms2-2 (>= 2.6), libopenjp2-7 (>= 2.0.0), libpaper1, libpng16-16 (>= 1.6.2-1), libtiff5 (>= 4.0.3), zlib1g (>= 1:1.2.0)
Version: 9.53.3~dfsg-7
Depends: libgs9-common (= 9.53.3~dfsg-7), poppler-data, libc6 (>= 2.29), libcups2 (>= 2.3~b6), libfontconfig1 (>= 2.12.6), libfreetype6 (>= 2.10.1), libidn11 (>= 1.13), libijs-0.35 (>= 0.35), libjbig2dec0 (>= 0.16+20190905), libjpeg62-turbo (>= 1.3.1), liblcms2-2 (>= 2.6), libopenjp2-7 (>= 2.0.0), libpaper1, libpng16-16 (>= 1.6.2-1), libtiff5 (>= 4.0.3), zlib1g (>= 1:1.2.0)

dpkg -l 'libidn1*'|grep '^i'
ii libidn11:amd64 1.33-3 amd64 GNU Libidn library, implementation of IETF IDN specifications

So, libidn11 is currently installed as a dependency of libgs9 from the security source. But it wants to install libidn12, because it's going to install libgs9 from sid!

The other package it wanted to "upgrade" shows a similar issue:

# why libbotan-2-18
___________________________
aptitude why...
i   lxde        Suggests libreoffice
p   libreoffice Suggests firefox-esr | thunderbird | firefox
p   thunderbird Depends libbotan-2-18 (>= 2.18.1+dfsg)

# why libbotan-2-17
___________________________
aptitude why...
iB thunderbird Depends libbotan-2-17 (>= 2.17.3+dfsg)

Why is this broken? I installed thunderbird from testing, it was broken, reinstalled what had been originally installed, from security... all broken.
It *works* perfectly fine.

# apt-cache policy thunderbird
thunderbird:
Installed: 1:78.14.0-1~deb11u1
Candidate: 1:78.14.0-1
Version table:
     1:78.14.0-1 500
        500 http://deb.debian.org/debian sid/main amd64 Packages
*** 1:78.14.0-1~deb11u1 500
        500 http://security.debian.org/debian-security bullseye-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:78.13.0-1 500
        500 http://deb.debian.org/debian testing/main amd64 Packages
     1:78.12.0-1 990
        990 http://deb.debian.org/debian bullseye/main amd64 Packages

# apt-cache policy libbotan-2-17
libbotan-2-17:
Installed: 2.17.3+dfsg-2
Candidate: 2.17.3+dfsg-2
Version table:
     2.17.3+dfsg-3 500
        500 http://deb.debian.org/debian testing/main amd64 Packages
        500 http://deb.debian.org/debian sid/main amd64 Packages
*** 2.17.3+dfsg-2 990
        990 http://deb.debian.org/debian bullseye/main amd64 Packages
        100 /var/lib/dpkg/status

# apt-cache policy libbotan-2-18
libbotan-2-18:
Installed: (none)
Candidate: 2.18.1+dfsg-3
Version table:
     2.18.1+dfsg-3 500
        500 http://deb.debian.org/debian testing/main amd64 Packages
        500 http://deb.debian.org/debian sid/main amd64 Packages

# aptitude install thunderbird
The following NEW packages will be installed:
libbotan-2-18{a}
The following packages will be REMOVED:
libbotan-2-17{u}
The following packages will be upgraded:
thunderbird
1 packages upgraded, 1 newly installed, 1 to remove and 9 not upgraded.
Need to get 0 B/44.1 MB of archives. After unpacking 16.4 kB will be freed.
Do you want to continue? [Y/n/?]

Again, it's trying to install thunderbird from sid! Which is the only one that depends on libbotan-2-18.

It's probably a bad idea to mix security updates and testing (i just added sid to the sources because i want to know what's available, but not install anything from there... yet).
But i'd like some insight into what it's doing and why.
Thanks for any insight.

Reply to:

Follow-Ups:
- Re: Package priority puzzlement
  - From: The Wanderer <wanderer@fastmail.fm>

Prev by Date: Re: copy directory tree, mapping to new owners
Next by Date: Re: LTS versions - confusion
Previous by thread: Re: support for xfce in bullseye minimal netinst iso
Next by thread: Re: Package priority puzzlement
Index(es):
- Date
- Thread