Digging a bit further - this machine was manually dist-upgraded on 30-May-2021 (it has -updates enabled, but is set to install only security updates automatically.) That update pulled in libglvnd 1.3.2-1~ubuntu0.20.04.1 (source for libegl1, libglvnd0, etc.)
To upgrade to webkit2gtk 2.34.6-0ubuntu0.20.04.1, u-a must install libopengl0, either 1.3.1-1 from the main archive or 1.3.2-1~ubuntu0.20.04.1 from -updates. However, -updates is not a trusted source for u-a when configured like this, so the only candidate is 1.3.1-1. Unfortunately libopengl0 1.3.1-1 depends on libglvnd0=1.3.1-1, but 1.3.2-1~ubuntu0.20.04.1 is already installed, so u-a would have to downgrade it which is I guess a decision well beyond its pay-grade. I suppose the solution is to find a way to lose the new dependency, obvious answer would be to backport the fixes in webkit2gtk 2.34.6 to 2.34.4? I assume there is some sort of policy on adding new dependencies in security updates? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1963751 Title: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1963751/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
