On Sat, Dec 18, 2010 at 01:08:07PM +0100, Moritz Muehlenhoff wrote: > Traditionally Debian security advisories have included MD5 check sums > of the updated packages.
> Since apt cryptographically enforces the integrity of the archive > for quite some time now, we've decided to finally drop the hash > values from our advisory mails. The side-effect of that is that you are now listing only the source package name, and not anymore the binary package names. But to do the upgrade, the administrator of the machine has to select the binary packages for upgrade, or, to check if the testing/sid version the machine has is new enough, check the installed version of all binary packages built from that source package. So I suggest you list the affected binary packages. Yes, that information is available from e.g. http://packages.debian.org/src:PACKAGE, but the admin might not know that, etc. -- Lionel -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110106085356.ga30...@capsaicin.mamane.lu