[lug] apt-get

David Morris lists at morris-clan.net
Tue May 6 08:46:51 MDT 2003


On Mon, May 05, 2003 at 01:25:17PM -0600, jd wrote:
> Hello,
>   Sometimes when I apt-get update & upgrade my Debian 3.0 testing
> box, it will hold packages back. When I see a message like the
> one below...do I need to worry...from a security standpoint?

You are getting this message because you are using either
the security updates or the testing distribution rather than
purely the stable distribution.  What happens is that when a
package is first released to one of these distributions,
sometimes dependencies are not met and apt-get (rightly so)
will not install packages with broken dependencies.  When
this is the case, the problem is usually fixed in a couple
of days by the Debian package maintainers.

As you are using the testing distribution, you will see this
quite often.  If you are worried about security, this in and
of itself does not pose a security risk.  It should be
noted, however, that the testing distribution is *not*
secure.  If security is one of your primary concerns, you
should be using stable.  The reason is that "testing" is
just that:  a test.  Sometimes you will get broken
dependencies (such as you noted), sometimes you will get
bugs in packages, sometimes you will get security holes.

--David
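
Added example, not part of the original message: a small shell filter that pulls the kept-back package names out of `apt-get -s upgrade` output, so held packages can be tracked until their dependencies are fixed. The sample output and its package names (libfoo1, foo-utils, bar-common, baz) are constructed for illustration.

```shell
#!/bin/sh
# kept_back: read `apt-get -s upgrade` output on stdin and print one
# kept-back package name per line. Prints nothing if none are held.
kept_back() {
    awk '
        # Header line that starts the kept-back list
        /^The following packages have been kept back/ { in_list = 1; next }
        # Indented continuation lines carry the package names
        in_list && /^ / { for (i = 1; i <= NF; i++) print $i; next }
        # Any other line ends the list
        { in_list = 0 }
    '
}

# held_count: number of kept-back packages in the output on stdin.
held_count() {
    kept_back | wc -l | tr -d ' '
}

# Constructed sample of simulated-upgrade output (names are illustrative).
sample_output() {
    cat <<'EOF'
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages have been kept back
  libfoo1 foo-utils
  bar-common
The following packages will be upgraded
  baz
1 packages upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
EOF
}

# Demonstration on the constructed sample
sample_output | kept_back
```

On a live system, run `apt-get -s upgrade | kept_back`, then `apt-cache policy <package>` on each name to compare the installed and candidate versions.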