On Mon, 26 Dec 2016 14:40:05 +0100 (CET) <34tg...@tutanota.com> wrote:
> I use Debian 8 64bit with GNOME installed with standard install > procedure from netinstall and using tasksel. This occured to me the > second time. First time was a year ago, I reinstalled Debian then and > a year after this happens again. Both occurences were on Debian 8, > stable at the time. I have seen this as well and know under which circumstances this happens: a) backports repository is enabled in source.list (obviously) b) "apt update" is run and all normal repositories fail to download or are invalid When this happens, apt will happily upgrade all packages where a backported version exists to that version. Why? Because of the pin value of a package in such a case. For example: # apt-cache policy exim4 exim4: Installed: 4.84.2-2+deb8u2 Candidate: 4.84.2-2+deb8u2 Version table: 4.88~RC6-2~bpo8+1 0 100 http://deb.debian.org/debian/ jessie-backports/main amd64 Packages *** 4.84.2-2+deb8u2 0 500 http://deb.debian.org/debian-security/ jessie/updates/main amd64 Packages 500 http://security.debian.org/ jessie/updates/main amd64 Packages 100 /var/lib/dpkg/status 4.84.2-2+deb8u1 0 500 http://deb.debian.org/debian/ jessie/main amd64 Packages The backports pacakges has a value of 100 as has the installed package. The package from the normal repository is at 500 and thus the candidate. If the normal repositories fail to download and are invalid the backported package and the installed package both are the only candidates left (and are both at the same pin value) and because the backported package has a higher version it is installed. Workaround: Have more than one mirror configured so that the chance is higher that at least one is valid. Grüße, Sven.