I had a wrong configuration in sources.list (for about half a year :-():

deb http://security.debian.org/ stretch/updates main contrib non-free
deb-src http://security.debian.org/ stretch/updates main contrib non-free

which I corrected now:

deb http://security.debian.org/debian-security/ stretch/updates main contrib 
deb-src http://security.debian.org/debian-security/ stretch/updates main 
contrib non-free

Now I see when doing apt-get update:
OK:1 http://ftp.debian.org/debian stretch-updates InRelease
OK:2 http://download.virtualbox.org/virtualbox/debian stretch InRelease         
OK:3 http://linux.teamviewer.com/deb stable InRelease                           
Ign:4 http://ftp.de.debian.org/debian stretch InRelease                         
OK:5 http://linux.teamviewer.com/deb preview InRelease                       
OK:6 http://ftp.de.debian.org/debian unstable InRelease
OK:7 http://ftp.de.debian.org/debian stretch Release 
Holen:8 http://security.debian.org/debian-security stretch/updates InRelease 
[63,0 kB]
Holen:10 http://security.debian.org/debian-security stretch/updates/non-free 
Sources [772 B]
Holen:11 http://security.debian.org/debian-security stretch/updates/main 
Sources [125 kB]
Holen:12 http://security.debian.org/debian-security stretch/updates/contrib 
Sources [1.384 B]
Holen:13 http://security.debian.org/debian-security stretch/updates/main i386 
Packages [341 kB]
Holen:14 http://security.debian.org/debian-security stretch/updates/main amd64 
Packages [340 kB]
Holen:15 http://security.debian.org/debian-security stretch/updates/main 
Translation-en [151 kB]
Holen:16 http://security.debian.org/debian-security stretch/updates/contrib 
i386 Packages [1.776 B]
Holen:17 http://security.debian.org/debian-security stretch/updates/contrib 
amd64 Packages [1.776 B]
Holen:18 http://security.debian.org/debian-security stretch/updates/contrib 
Translation-en [1.759 B]
Holen:19 http://security.debian.org/debian-security stretch/updates/non-free 
i386 Packages [1.268 B]
Holen:20 http://security.debian.org/debian-security stretch/updates/non-free 
amd64 Packages [1.268 B]
Holen:21 http://security.debian.org/debian-security stretch/updates/non-free 
Translation-en [481 B]
Es wurden 1.030 kB in 1 s geholt (664 kB/s).             
Paketlisten werden gelesen... Fertig

But I still do not get the stretch 9.4 security updates, like
firefox-esr for example [1].

However, looking at the package status for firefox-esr [2], there does
not seem to be a [security] update (but maybe it's just designated
differently since stretch?). In any case, that version
(52.6.0esr-1~deb9u1) is installed.

Is that because the 9.4 release pulls in all sec updates in the regular
update channel?

[1] https://www.debian.org/News/2018/20180310
[2] https://packages.debian.org/search?searchon=sourcenames&keywords=firefox-esr

Many Thanks and Best Regards,
Felix Natter

Reply via email to