Package: aptitude
Version: 0.6.11-1+b1
Severity: important
Tags: security
Hi.
The following behaviour at least for quite some time (at least several years
I'd say)
already, but so far I've always been too lazy to report it.
Just before I've stumbled over #787653 so I tried which package upgrade could
have
caused the troubles.
Normally I have just sid enabled in sources.list, so I've uncommented testing,
started downgrading a few packages, tried whether evolution starts again... the
usual
game so to say.
Now the problem from aptitude side is, that after the packages have been
downgraded
(in the example above the curl/libcurl packages) it doesn't offer them for
upgrade
anymore, even though unstable is still enabled in sources.list and the newer
packages
are still available.
apt however, still identifies the newer one correctly as candidate version:
# apt-cache policy curl
curl:
Installed: 7.42.1-2
Candidate: 7.42.1-2+b1
Version table:
7.42.1-2+b1 0
500 http://ftp.de.debian.org/debian/ unstable/main amd64 Packages
*** 7.42.1-2 0
500 http://ftp.de.debian.org/debian/ testing/main amd64 Packages
100 /var/lib/dpkg/status
and it would also update it:
# apt-get upgrade --dry-run
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... The following packages were automatically installed and
are no longer required:
<snip snap>
Use 'apt-get autoremove' to remove them.
Done
The following packages will be upgraded:
curl <snip snap>
<snip snap> libcurl3 libcurl3-gnutls <snip snap>
<snip snap>
aptitude however doesn't,... it's not listed in the "Upgradable Packages"
and when pressing "+" on the respective package (which does show both version)
it doesn't select the correct candidate version (it does though when I press "+"
directly on the version).
Neither "Update package list", nor "Clean package cache" or "Clean obsolete
files"
resolves this situation.
But at least this time (I haven't tried that before), "Cancel pending actions"
plus
restarting solved the issue, and the packages re-appeared for upgrade.
So far (as said, I haven't tried the above before), the situation usually
resolved
by itself after a while (I susupect it did when really new Package lists came in
from the repo).
I think I have seen the whole issue even when packages where downgraded, but
when
I had already commented/disabled the "lower" repo (e.g. test) again.
Last but not least, since this may be "used" to accidentally hide security
upgrades,
I selected important as severity. I'd guess a higher severity is not needed,
since
downgrades typically don't happen automatically, so the admin has at least a
clue
that he runs on an older version.
Cheers,
Chris.
_______________________________________________
Aptitude-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/aptitude-devel
