* [Sat, Jan 22, 2022 at 11:09:20AM +0100] Stefan Fritsch:

I think the bullseye-security codename should be "bullseye" instead.
Or am I missing something

The repo naming scheme has changed with bullseye. I do not have the announcement at hands, however the old '<codename>/updates' is now '<codename>-security', see https://www.debian.org/security/.

Hth,
Gian Piero.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

I have noticed that the latest linux security update is not installed on
my box. The package is available in

# apt-cache policy linux-image-amd64
linux-image-amd64:
Installed: 5.10.84-1
Candidate: 5.10.84-1
Version table:
5.15.15-1 500
500 http://mirror.hetzner.de/debian/packages unstable/main
amd64 Packages
5.10.92-1 500
500 http://security.debian.org bullseye-security/main amd64
Packages
*** 5.10.84-1 990
990 http://mirror.hetzner.de/debian/packages bullseye/main
amd64 Packages
100 /var/lib/dpkg/status


But apt-get dist-upgrade does not install it. I have

# cat /etc/apt/apt.conf.d/11-default-release
APT::Default-Release "bullseye";

and bullseye-security has

# grep -i code /var/lib/apt/lists/security.debian.org_dists_bullseye-security_InRelease Codename: bullseye-security

while on buster, it's:

$ grep -i code /var/lib/apt/lists/security.debian.org_dists_buster_updates_InRelease
Codename: buster

No -security there.

I have no apt pinning configured on my box.

I think the bullseye-security codename should be "bullseye" instead. Or
am I missing something

Cheers,
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Viktor,

Am 22.01.22 um 11:34 schrieb SZÉPE Viktor:

Idézem/Quoting Stefan Fritsch <sf@sfritsch.de>:

I have noticed that the latest linux security update is not installed
on my box. The package is available in

# apt-cache policy linux-image-amd64
linux-image-amd64:
  Installed: 5.10.84-1
  Candidate: 5.10.84-1
  Version table:
     5.15.15-1 500
        500 http://mirror.hetzner.de/debian/packages unstable/main
amd64 Packages
     5.10.92-1 500
        500 http://security.debian.org bullseye-security/main amd64 >> Packages
 *** 5.10.84-1 990
        990 http://mirror.hetzner.de/debian/packages bullseye/main
amd64 Packages
        100 /var/lib/dpkg/status

Hello Stefan!

Try adding

deb http://deb.debian.org/debian-security bullseye-security main contrib non-free

Please see https://wiki.debian.org/NewInBullseye#Changes

This does not change anything and I did not expect it to. It would be
rather strange if different URLs had different code-name settings. It is
not that apt cannot load the lists, it just does not recognize that bullseye-security is the same as bullseye.

Cheers,
Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is a cryptographically signed message in MIME format.

Idézem/Quoting Stefan Fritsch <sf@sfritsch.de>:

Hi,

I have noticed that the latest linux security update is not
installed on my box. The package is available in

# apt-cache policy linux-image-amd64
linux-image-amd64:
Installed: 5.10.84-1
Candidate: 5.10.84-1
Version table:
5.15.15-1 500
500 http://mirror.hetzner.de/debian/packages unstable/main
amd64 Packages
5.10.92-1 500
500 http://security.debian.org bullseye-security/main amd64 Packages
*** 5.10.84-1 990
990 http://mirror.hetzner.de/debian/packages bullseye/main
amd64 Packages
100 /var/lib/dpkg/status

Hello Stefan!

Try adding

deb http://deb.debian.org/debian-security bullseye-security main
contrib non-free

Please see https://wiki.debian.org/NewInBullseye#Changes


SZÉPE Viktor, webes alkalmazás üzemeltetés / Running your application https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md
~~~
ügyelet 🌶️ hotline: +36-20-4242498 sms@szepe.net skype: szepe.viktor Budapest, III. kerület





MIIX3AYJKoZIhvcNAQcCoIIXzTCCF8kCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0BBwGg ghThMIIFDjCCA/agAwIBAgIRAKowUB2LK5C1DI7mjU+7LfUwDQYJKoZIhvcNAQELBQAwgZYxCzAJ BgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQx GDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwGA1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1 dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwHhcNMjEwNDA4MDAwMDAwWhcNMjIwNDA4 MjM1OTU5WjAhMR8wHQYJKoZIhvcNAQkBFhB2aWt0b3JAc3plcGUubmV0MIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAtpYPVRAFzAMTkzmI+yo1UpZnETypXJJFqEWg2g2xnHnI+YT6zcIe GYWl4i+iXfLNNuY+04XR+EE+jRZL+KIQuvO3e3Mdk7xI1iFc6CaexG+anXH3lLOaGa7DZnb/g0Lo YzeBxwgDyEkEhZxPxTZrk14hnKjD7Qy7RSjzCViYCEywYO4SvkgG+KkdkJESLrtuHJ1F1dUDxgBM SNbmZIwTCZUXvgSQCD9yTViNMmm7955IaXwKuWQbhIWsK0d4000/e5eZ2hH097PiF81KzXC89eXo gxbNPyuCKKdDQ5W2K2DZ/kmYd5BmGhsT2vOWZ4s1lDEgP1Hu/DRuTyNgPYBfFQIDAQABo4IByTCC AcUwHwYDVR0jBBgwFoAUCcDy/AvalNtf/ivfqJlCz8ngrQAwHQYDVR0OBBYEFNdTFKrlFEDgDOGU Zem/sZo2EG6TMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF BwMEBggrBgEFBQcDAjBABgNVHSAEOTA3MDUGDCsGAQQBsjEBAgEBATAlMCMGCCsGAQUFBwIBFhdo dHRwczovL3NlY3RpZ28uY29tL0NQUzBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLnNlY3Rp Z28uY29tL1NlY3RpZ29SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNlY3VyZUVtYWlsQ0EuY3Js MIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2Vj dGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcnQwIwYIKwYBBQUH MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMBsGA1UdEQQUMBKBEHZpa3RvckBzemVwZS5uZXQw DQYJKoZIhvcNAQELBQADggEBAEqZoqV2PS0J3PL8pZe5F8avFi/zxWp6iiVjrQv4sRjg8LYMYlZx +PJ6hyX5fIP5TxuTanHcVmSTcFjVm9qt56iCvlSWvWC4KJ0eQEgHP1ppCiHAbtV1NJoH57zCxIr7 TahiNowh+24kZC/C1zOEZZmnakW8By6i0Vey38Fakj7vvr798fy4R2jQ9UUaihS+h8L5ZuD8qorW KkfQb0gLzMl7K6OXJsGlrXqydCsqY9vPQUr5OXZPMuJzOkoNwHG7+SzlyEz+Nx/DnND5DZXLUP9J vBE/Lx8hrcFi+2oBieePtf+7UD/ziYoEzuk3TRZYQRxZ05UQRcW04bMriCY0twUwggQyMIIDGqAD AgECAgEBMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSEw HwYDVQQDDBhBQUEgQ2VydGlmaWNhdGUgU2VydmljZXMwHhcNMDQwMTAxMDAwMDAwWhcNMjgxMjMx MjM1OTU5WjB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENl cnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkCd9G7h 6naHHE1FRI6+RsiDBp3BKv4YH47kAvrzq11QihYxC5oG0MVwIs1JLVRjzLZuaEYLU+rLTCTAvHJO 6vEVrvRUmhIKw3qyM2Di2olV8yJY897cz++DhqKMlE+faPKYkEaEJ8d2v+PMNSyLXgdkZYLASLCo kflhn3YgUKiRx2a163hiA1bwihoT6jGjHqCZ/Tj29icyWG8H9Wu4+xQrr7eqzNZjX3OM2gWZqDio yxd4NlGs6Z70eDqNzw/ZQuKYDKsvnw4B3u+fmUnxLd+sdE0bmLVHxeUp0fmQGMdinL6DxyZ7Pool x8DdneY1aBAgnY/Y3tLDhJwNXugvyQIDAQABo4HAMIG9MB0GA1UdDgQWBBSgEQojPpbxB+zirynv gqV/0DCktDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zB7BgNVHR8EdDByMDigNqA0 hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA2oDSg MoYwaHR0cDovL2NybC5jb21vZG8ubmV0L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqG SIb3DQEBBQUAA4IBAQAIVvwC8Jvo/6T61nvGRIDOT8TF9gBYzKa2vBRJaAR26ObuXewCD2DWjVAY TyZOAePmsKXuv7x0VEG//fwSuMdPWvSJYAV/YLcFSvP28cK/xLl0hrYtfWvM0vNG3S/G4GrDwzQD LH2W3VrCDqcKmcEFi6sML/NcOs9sN1UJh95TQGxY7/y2q2VuBPYb3DzgWhXGntnxWUgwIWUDbOzp IXPsmwOh4DetoBUYj/q6As6nLKkQEyzU5QgmqyKXYPiQXnTUoppTvfKpaOCibsLXbLGjD56/62jn VvKu8uMrODoJgbVrhde+Le0/GreyY+L1YiyC1GoAQVDxOYOflek2lphuMIIFgTCCBGmgAwIBAgIQ OXJEOvkit1HX02wQ3TE1lTANBgkqhkiG9w0BAQwFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAw MFoXDTI4MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQw EgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00ytUINh4qogTQktZAnczomfzD2p 7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NCtnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk 23+jBvGIGGqQIjy8/hPwhxR79uQfjtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfb IWax1Jt4A8BQOujM8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+ O2hmAUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiVZ4vuPVb+ DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9N6frXTpsNVzbQdcS2qlJ C9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sFqV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOs IzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+x UGUJ5lhCLkMaTLTwJUdZ+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4 Diup8kyXHAc/DVL17e8vgg8CAwEAAaOB8jCB7zAfBgNVHSMEGDAWgBSgEQojPpbxB+zirynvgqV/ 0DCktDAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgGGMA8GA1Ud EwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j cmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgw JjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBDAUAA4IB AQAYh1HcdCE9nIrgJ7cz0C7M7PDmy14R3iJvm3WOnnL+5Nb+qh+cli3vA0p+rvSNb3I8QzvAP+u4 31yqqcau8vzY7qN7Q/aGNnwU4M309z/+3ri0ivCRlv79Q2R+/czSAaF9ffgZGclCKxO/WIu6pKJm BHaIkU4MiRTOok3JMrO66BQavHHxW/BBC5gACiIDEOUMsfnNkjcZ7Tvx5Dq2+UUTJnWvu6rvP3t3 O9LEApE9GQDTF1w52z97GA1FzZOFli9d31kWTz9RvdVFGD/tSo7oBmF0Ixa1DVBzJ0RHfxBdiSpr hTEUxOipakyAvGp4z7h/jnZymQyd/teRCBaho1+VMIIGEDCCA/igAwIBAgIQTZQsENQ74JQJxYEt OisGTzANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkx FDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAs BgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAyMDAw MDAwWhcNMzAxMjMxMjM1OTU5WjCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFu Y2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT4wPAYD VQQDEzVTZWN0aWdvIFJTQSBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBD QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMo87ZQKQf/e+Ua56NY75tqSvysQTqoa vIK9viYcKSoq0s2cUIE/bZQu85eoZ9X140qOTKl1HyLTJbazGl6nBEibivHbSuejQkq6uIgymiqv TcTlxZql19szfBxxo0Nm9l79L9S+TZNTEDygNfcXlkHKRhBhVFHdJDfqB6Mfi/Wlda43zYgo92yZ OpCWjj2mz4tudN55/yE1+XvFnz5xsOFbme/SoY9WAa39uJORHtbC0x7C7aYivToxuIkEQXaumf05 Vcf4RgHs+Yd+mwSTManRy6XcCFJE6k/LHt3ndD3sA3If/JBz6OX2ZebtQdHnKav7Azf+bAhudg7P kFOTuRMCAwEAAaOCAWQwggFgMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1Ud DgQWBBQJwPL8C9qU21/+K9+omULPyeCtADAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMFAG A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0 aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6 Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAQUR1AKs5whX1 3o6VbTJxaIwA3RfXehwQOJDI47G9FzGR87bjgrShfsbMIYdhqpFuSUKzPM1ZVPgNlT+9istp5UQN RsJiD4KLu+E2f102qxxvM3TEoGg65FWM89YN5yFTvSB5PelcLGnCLwRfCX6iLPvGlh9j30lKzcT+ mLO1NLGWMeK1w+vnKhav2VuQVHwpTf64ZNnXUF8p+5JJpGtkUG/XfdJ5jR3YCq8H0OPZkNoVkDQ5 CSSF8Co2AOlVEf32VBXglIrHQ3v9AAS0yPo4Xl1FdXqGFe5TcDQSqXh3TbjugGnG+d9yZX3lB8bw c/Tn2FlIl7tPbDAL4jNdUNA7jGee+tAnTtlZ6bFz+CsWmCIb6j6lDFqkXVsp+3KyLTZGXq6F2nnB tN4t5jO3ZIj2gpIKHAYNBAWLG2Q2fG7Bt2tPC8BLC9WIM90gbMhAmtMGquITn/2fORdsNmaV3z/s PKuIn8DvdEhmWVfh0fyYeqxGlTw0RfwhBlakdYYrkDmdWC+XszE19GUi8K8plBNKcIvyg2omAdeb rMIHiAHAOiczxX/aS5ABRVrNUDcjfvp4hYbDOO6qHcfzy/uY0fO5ssebmHQREJJA3PpSgdVnLern F6pthJrGkNDPeUI05svqw1o5A2HcNzLOpklhNwZ+4uWYLcAi14ACHuVvJsmzNicxggK/MIICuwIB ATCBrDCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE BxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT4wPAYDVQQDEzVTZWN0aWdvIFJT QSBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQQIRAKowUB2LK5C1DI7m jU+7LfUwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMjIwMTIyMTAzNDExWjAvBgkqhkiG9w0BCQQxIgQgfeO9ATCXRy2b0MO7ExKfmhtn Xs9kqxXouiDDu6/RU/YweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEW MAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAw BwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAtSzl34jIMyiPzymTHNg4 VTQ+566/gLFMYD3Jia+B/j6IAZvTyv9VBUERvDWcM4M9ATgG5Z4krkzHf5zXw0V/++mTVQ2SGDbh CDinVlcJ/6kLVm+45Fd7TqQXsHHbHgd++bqW5HgEsWRfbsCRmR8wEFRF9OyG/Tx7kUJ9R1D+sbo7 gQNDybF3iA4vllafOhzGKgEbqTbnWWGNlVyvszYy95CdLsvZgvgNOV2qcqDG6KBVJi5g9qk9zy4z qOBtSSJ7F63KCDV6xpqfeQMsPm+AwktsU/HmpLRvEmC8e3cUIyS02NCPii1Ry8Rc/f6eJ2SpS7z2 mIe1/VjAi/Oqk2RP9g==

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22.01.22 11:09, Stefan Fritsch wrote:

 *** 5.10.84-1 990

The 990 looks like pinning for me.

Best regards
Ulf

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Stefan Fritsch <sf@sfritsch.de> writes:

# cat /etc/apt/apt.conf.d/11-default-release
APT::Default-Release "bullseye";

Just don't do that. It breaks all normal preferences and will end up preferring "bullseye" over anything else. Including
"bullseye-security".

Use preferences instead if you need to tweak anything. See
apt_preferences(5)


Bjørn

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Am 22.01.22 um 21:07 schrieb Bjørn Mork:

Stefan Fritsch <sf@sfritsch.de> writes:

# cat /etc/apt/apt.conf.d/11-default-release
APT::Default-Release "bullseye";

Just don't do that. It breaks all normal preferences and will end up preferring "bullseye" over anything else. Including
"bullseye-security".

This used to work until buster. But it turns out the release-notes
mention this problem and the correct syntax is now:

APT::Default-Release "/^bullseye(|-security|-updates)$/";


The failure mode of silently not installing security updates is bad,
though. But I don't see an easy way to fix that. Maybe apt should print
a warning if one uses a simple codename as Default-Release?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 1/23/22, Stefan Fritsch <sf@sfritsch.de> wrote:

Am 22.01.22 um 21:07 schrieb Bjørn Mork:

Stefan Fritsch <sf@sfritsch.de> writes:

# cat /etc/apt/apt.conf.d/11-default-release
APT::Default-Release "bullseye";

Just don't do that. It breaks all normal preferences and will end up
preferring "bullseye" over anything else. Including
"bullseye-security".

This used to work until buster. But it turns out the release-notes
mention this problem and the correct syntax is now:

APT::Default-Release "/^bullseye(|-security|-updates)$/";

The failure mode of silently not installing security updates is bad,
though. But I don't see an easy way to fix that. Maybe apt should print
a warning if one uses a simple codename as Default-Release?

Congratulations on finding the fix. That's cool. It falls in line with
how the repositories are declared.

With respect to a proposed warning, I spent years naively a-suming
that security updates were part of the primary, single line repository declaration. A little 4-watt light bulb went off overhead during a
Debian-User exchange a couple years ago. Prior to that thread, I'd
been on outside security tech lists and had seen major update
advisories but could never figure out why I was not seeing those same
packages update on my Debian.

This type of ongoing warning might upset some longstanding Users...
unless there was a way to have it only be once a month.. or.. maybe
have a way to trigger it off permanently via the command line
interface for e.g. apt and apt-get.

Another alternative could evolve into a teaching moment by having a
warning state where to turn the warning OFF in e.g. an apt or apt-get
config file. It could be something like the very fix found for this
current thread.

That might lead newer users to explore those types of files more and
thus learn more about the inner workings of Debian. It was something
along those lines that triggered my interest in regularly tearing into
my own install's files a number of years ago now. :)

Cindy :)
--
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA
* runs with birdseed *

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)