Hi again,

Thank you for all the feedback and sorry for the controversy of stating
that "mime-support" does not seem like a security update. Actually, I
usually will allow the update, for I don't always have the time to try
to stay up to date on all the security issues. I simply used this as an
example, for my machine wanted to update this immediately and there is
no clear indication of why the update should happen. However, what I am
after is a way of distinguishing easily between updates. A solution
might be to simply include an "upgrade description" that shows you why
the update is available.

Looking at unstable this morning [I fully understand the consequences of
running unstable, this is simply another example!]

davinci:~# apt-get upgrade -u
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages have been kept back
  alsa-base cpp docbook-xml dpkg e2fsprogs g++ gcc libldap2 libmng1
  libpaperg libpng2 mc menu mutt python-newt reportbug samba samba-common
  shorewall smbclient smbfs swat sysvinit
  wenglish whiptail xmhtml1 xprt
The following packages will be upgraded
  apt apt-utils aterm bonobo-activation gcc-3.3-base gv
  libbonobo-activation4 libg2c0 libgcc1 libstdc++5 samba-doc sed
12 packages upgraded, 0 newly installed, 0 to remove and 27  not upgraded.
Need to get 4201kB of archives. After unpacking 139kB will be used.
Do you want to continue? [Y/n]

What I would have liked to see was something like this: [Please think of
this in terms of "stable" or "testing"]

Package                 Class
====================================
apt                     Security
apt-utils               Security
aterm                   Features
bonobo-activation       Test
gcc-3.3-base            Test
gv                      Test
libbonobo-activation4   Test
libg2c0                 Test
libgcc1                 Features
libstdc++5              Security
samba-doc               Test
sed                     Features

And then maybe I could tell apt-get to only load the security patches. 

Another way would have been to class the updates very much in the same
way as dselect does, perhaps showing "Important" or "Crucial" for
security fixes.

Any ideas?

Rudolph


> -----Original Message-----
> From: Nick Boyce [mailto:[EMAIL PROTECTED] 
> Sent: 08 May 2003 02:20 AM
> To: [email protected]
> Subject: Re: Apt-get only security patches 
> 
> 
> On Wed, 7 May 2003 10:35:45 +0200, Rudolph van Graan wrote:
> 
> >... For example on one of my "stable" machines,
> >the following happens when I do apt-get upgrade -u:
> >
> >The following packages will be upgraded
> >  kdewallpapers mime-support
> >2 packages upgraded, 0 newly installed, 0 to remove and 0  not upgraded.
> >Need to get 0B/1030kB of archives. After unpacking 105kB will be freed.
> >Do you want to continue? [Y/n]
> >
> >Obviously neither is of real security importance
> 
> The mime-support update *is* a security update !
> 
> See http://www.debian.org/security/2003/dsa-292
> 
> "When a temporary file is to be used it is created insecurely"
> 
> "allows local users to overwrite arbitrary files via a symlink attack
> on temporary files"
> 
> So if you're the only user on the machine then I suppose you needn't
> worry.
> 
> Cheers
> 
> Nick Boyce
> Bristol, UK
> --
> There is no spoon.
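
One way to get the per-package classification asked for in the message above, as an added example that is not part of the original mail or of apt itself. It assumes the `Inst pkg [old] (new Label:suite)` lines printed by `apt-get -s upgrade` and that security updates carry the `Debian-Security` archive label; the function names, sample lines and version numbers are constructed.

```shell
#!/bin/sh
# Classify pending upgrades by the archive label apt reports for each one.
# Reads simulation output on stdin, so nothing is installed or changed.

# Constructed sample in the style of `apt-get -s upgrade` (versions invented).
sample_simulation() {
cat <<'EOF'
Inst apt [0.5.4] (0.5.4sec1 Debian-Security:3.0/stable)
Inst aterm [0.4.2-1] (0.4.2-2 Debian:3.0r1/stable)
Inst libstdc++5 [3.3-1] (3.3-1sec1 Debian:3.0r1/stable, Debian-Security:3.0/stable)
Inst sed [3.02-8] (3.02-9 Debian:3.0r1/stable)
Conf apt (0.5.4sec1 Debian-Security:3.0/stable)
Conf sed (3.02-9 Debian:3.0r1/stable)
EOF
}

# Print "package  class" for every package apt would install ("Inst" lines).
classify_upgrades() {
    awk '
    $1 == "Inst" {
        # Keep only the text inside the parentheses: new version + source(s).
        src = $0
        sub(/^[^(]*\(/, "", src)
        sub(/\).*$/, "", src)
        # A candidate offered by the security archive counts as Security,
        # even when the main archive is listed as a source too.
        class = (src ~ /Debian-Security:/) ? "Security" : "Other"
        printf "%-24s %s\n", $2, class
    }'
}

# Names only, suitable for review before passing them to `apt-get install`.
security_only() {
    classify_upgrades | awk '$2 == "Security" { print $1 }'
}

# Demo on the constructed sample; on a real system pipe in
# the output of `apt-get -s upgrade` instead.
sample_simulation | classify_upgrades
```

The label only says which archive offers the new version, so an update like the mime-support one discussed above is caught because it came from the security archive, not because of anything in the package name.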