Package: src:linux-latest
Version: 4.9+80+deb9u9
Dear maintainers,
the binary linux-image-4.9.0-11-amd64 (4.9.189-3+deb9u1) provides some
CVE fixes and was released to
stretch-security on 20 Sep 2019. However, the associated meta package on
stretch-security is still
linux-image-amd64 (4.9+80+deb9u6) from 19 Aug 2018, which depends on a
somewhat older linux package 4.9.0-8.
Is this intentional?
In our setup we pull upgrades from stretch-security only, and refer to
linux kernel via the meta package. So we end up
with a slightly outdated linux-image-4.9.0-8-amd64, even if a patched
version was available in stretch-security.