Package: autopkgtest Version: 5.35 Severity: normal X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
When using autopkgtest-build-* tools that prepare autopkgtest images from pre-built images, sometimes we end up with images with dependency problems because the pre-built images come with packages from -security baked in. For example, at the moment the incus images:debian/bookworm/amd64 image contains this libc6: $ apt-cache policy libc6 libc6: Installed: 2.36-9+deb12u7 Candidate: 2.36-9+deb12u7 Version table: *** 2.36-9+deb12u7 500 500 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages 100 /var/lib/dpkg/status 2.36-9+deb12u4 500 500 http://deb.debian.org/debian bookworm/main amd64 Packages Note that the installed version comes from bookworm-security. The setup-testbed script clears the existing sources (which would include -security) and only adds bookworm, which can cause installability problems of build or test dependencies. For example libc6-dev is uninstallable in the above situation, as the installed libc6 requires the libc6-dev version from -security, which is not available. This can be fixed by making setup-testbed add the security repository. This already happens when building Ubuntu images (there's code in setup-testbed to detect those), so this is a problem specific to Debian. If we agree this is a bug and on the solution, I'll prepare a MP with it. -- Paride