Ok...still too inexperienced with the backports...and apt...and Debian.
Originally i tried a "dist-upgrade", which failed to upgrade the openjdk-8 packages previously installed from jessie-backports.
I investigated and thought to have found the reported bug as the root cause.Synaptic only ever showed the 20140324 version of ca-certificates-java as current version. Is it not trustworthy with backports?
Thanks to the answers here, i ran ------------------------------------------------------------------------ $ apt-get install -t jessie-backports ca-certificates-java Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be upgraded: ca-certificates-java 1 upgraded, 0 newly installed, 0 to remove and 134 not upgraded. Need to get 14.8 kB of archives. After this operation, 1,024 B of additional disk space will be used.Get:1 http://ftp.de.debian.org/debian/ jessie-backports/main ca-certificates-java all 20161107~bpo8+1 [14.8 kB]
. . . done. ------------------------------------------------------------------------Now Synaptic shows version 20161107~bpo8+1 and a "dist-upgrade" updated the openjdk-8 packages (openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless) successfully.
I am still not sure, as to why the "dist-upgrade" did not update the ca-certificates-java to 20161107~bpo8+1 automatically in the first place. Possibly because the ca-certificates-java dependency for openjdk-8-jre-headerless has no minimum version specified?
Thank you all and best regards, Henner Heck
smime.p7s
Description: S/MIME Cryptographic Signature
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.