[apt] Disabling upgrade to insecure packages

Is there a way to configure apt to disable the upgrade to insecure versions of packages? For the moment, I can't use 'apt-get dist-upgrade' as it propose me to upgrade to * libpng2-dev (1.0.12-6 Debian:testing) * libpng2 (1.0.12-6 Debian:testing) * xpdf (1.01-3 Debian:testing) (I chose to do

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 01:43:05PM +0100, Vincent Lefevre wrote: > Is there a way to configure apt to disable the upgrade to insecure > versions of packages? > ... What does your /etc/apt/sources.list look like? Johann -- Johann Spies Telefoon: 021-808 4036 Informasietegnologie, Univer

Re: [apt] Disabling upgrade to insecure packages

Is there a way to configure apt to disable the upgrade to insecure versions of packages? For the moment, I can't use 'apt-get dist-upgrade' as it propose me to upgrade to * libpng2-dev (1.0.12-6 Debian:testing) * libpng2 (1.0.12-6 Debian:testing) * xpdf (1.01-3 Debian:testing) (I chose to d

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 15:01:25 +0200, Johann Spies wrote: > On Fri, Jan 10, 2003 at 01:43:05PM +0100, Vincent Lefevre wrote: > > Is there a way to configure apt to disable the upgrade to insecure > > versions of packages? > ... > > What does your /etc/apt/sources.list look like? deb ftp://ftp.f

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 01:43:05PM +0100, Vincent Lefevre wrote: > Is there a way to configure apt to disable the upgrade to insecure > versions of packages? Put it on hold: http://www.debian.org/doc/FAQ/ch-pkg_basics.en.html#s-puttingonhold -- Jamin W. Collins -- To UNSUBSCRIBE, email t

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 02:30:57PM +0100, Vincent Lefevre wrote: > On Fri, Jan 10, 2003 at 15:01:25 +0200, Johann Spies wrote: > > On Fri, Jan 10, 2003 at 01:43:05PM +0100, Vincent Lefevre wrote: > > > Is there a way to configure apt to disable the upgrade to insecure > > > versions of packages? >

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 15:52:02 +0200, Johann Spies wrote: > Replace all the occurences of "testing" in the file with "stable" and > uncomment the lines with "unstable" in. I don't want to switch to stable!!! -- Vincent Lefèvre <[EMAIL PROTECTED]> - Web: - 100% validate

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 07:38:12 -0600, Jamin W. Collins wrote: > On Fri, Jan 10, 2003 at 01:43:05PM +0100, Vincent Lefevre wrote: > > > Is there a way to configure apt to disable the upgrade to insecure > > versions of packages? > > Put it on hold: > >http://www.debian.org/doc/FAQ/ch-pkg_ba

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 03:52:02PM +0200, Johann Spies wrote: > Replace all the occurences of "testing" in the file with "stable" and > uncomment the lines with "unstable" in. Perhaps you meant to "comment" them, rather than "uncomment" them? -- Jamin W. Collins -- To UNSUBSCRIBE, email to [

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 03:30:52PM +0100, Vincent Lefevre wrote: > On Fri, Jan 10, 2003 at 07:38:12 -0600, Jamin W. Collins wrote: > > > Put it on hold: > > > >http://www.debian.org/doc/FAQ/ch-pkg_basics.en.html#s-puttingonhold > > How can I do this with apt? apt will respect the hold set t

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 10:44:34 -0600, Jamin W. Collins wrote: > On Fri, Jan 10, 2003 at 03:30:52PM +0100, Vincent Lefevre wrote: > > On Fri, Jan 10, 2003 at 07:38:12 -0600, Jamin W. Collins wrote: > > > > > Put it on hold: > > > > > >http://www.debian.org/doc/FAQ/ch-pkg_basics.en.html#s-put

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 06:02:11PM +0100, Vincent Lefevre wrote: > But I still want to be able to install automatically non-insecure > versions of the package. In fact, I'd like to put on hold only the > current version of the package. There is nothing (that I know of) in the packaging system to

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 11:36:27 -0600, Jamin W. Collins wrote: > There is nothing (that I know of) in the packaging system to know which > packages are secure and which are not. You would need to put the > package on hold during the insecure times and remove it from hold after. Well, if one coul

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 07:04:37PM +0100, Vincent Lefevre wrote: > Well, if one could put on hold a particular version of a package > (given by the user), it would be better than nothing. Is there a > way to do this? You could grab the source, edit the changelog to incriment the version, and reco

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 12:27:01PM -0600, Jamin W. Collins wrote: > On Fri, Jan 10, 2003 at 07:04:37PM +0100, Vincent Lefevre wrote: > > > Well, if one could put on hold a particular version of a package > > (given by the user), it would be better than nothing. Is there a > > way to do this? > >

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 12:27:32 -0800, Bob Nielsen wrote: > In most cases of security alerts, both stable and unstable get prompt > updates with the necessary fixes, but testing does not (until the > unstable version migrates downward). I'm running testing and have used > 'apt-get -b source' to g

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 10:32:44PM +0100, Vincent Lefevre wrote: > On Fri, Jan 10, 2003 at 12:27:32 -0800, Bob Nielsen wrote: > > In most cases of security alerts, both stable and unstable get prompt > > updates with the necessary fixes, but testing does not (until the > > unstable version migrates

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 22:59:36 +0100, Frank Gevaerts wrote: > If you do this, dependencies will be consistent, but not equal to those > in the outside world. basically, there are 3 kinds of dependencies : > - build-dependencies : these aren't really a problem here > - dynamically-made library dep

Re: [apt] Disabling upgrade to insecure packages

On Sat, Jan 11, 2003 at 12:39:24AM +0100, Vincent Lefevre wrote: > I don't understand. How will "apt-get upgrade" know when to upgrade > locally-built packages? Normally, when the version of the package in the pool has a higher version number number. -- Jamin W. Collins -- To UNSUBSCRIBE, em

Re: [apt] Disabling upgrade to insecure packages

On Fri, 10 Jan 2003 19:04:37 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: > On Fri, Jan 10, 2003 at 11:36:27 -0600, Jamin W. Collins wrote: >> There is nothing (that I know of) in the packaging system to know which >> packages are secure and which are not. You would need to put the >> package

Re: [apt] Disabling upgrade to insecure packages

On Sun, Jan 12, 2003 at 06:05:47 +, Faheem Mitha wrote: > On Fri, 10 Jan 2003 19:04:37 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: > > Well, if one could put on hold a particular version of a package > > (given by the user), it would be better than nothing. Is there a > > way to do this?

Re: [apt] Disabling upgrade to insecure packages

On Sun, 12 Jan 2003 11:12:40 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: > On Sun, Jan 12, 2003 at 06:05:47 +, Faheem Mitha wrote: >> On Fri, 10 Jan 2003 19:04:37 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: >> > Well, if one could put on hold a particular version of a package >> > (

Re: [apt] Disabling upgrade to insecure packages

On Sun, 12 Jan 2003 11:12:40 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: > On Sun, Jan 12, 2003 at 06:05:47 +, Faheem Mitha wrote: >> On Fri, 10 Jan 2003 19:04:37 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: >> > Well, if one could put on hold a particular version of a package >> > (

Re: [apt] Disabling upgrade to insecure packages

On Sun, Jan 12, 2003 at 15:46:36 +, Faheem Mitha wrote: > Really? This is not what the apt_preferences man page says. In > particular > > "Each package may be pinned to a specific version and each Packages > file has a priority for every package inside. The highest priority > assigned to a pac

Re: [apt] Disabling upgrade to insecure packages

On Sun, Jan 12, 2003 at 15:57:04 +, Faheem Mitha wrote: > If you want a particular version not to be installed, then give it a > Pin lower than 100 and it will never be installed if there is another > installable version in your sources. This is what the manual says, but this doesn't work. I

Re: [apt] Disabling upgrade to insecure packages

Vincent Lefevre wrote: On Sun, Jan 12, 2003 at 15:57:04 +, Faheem Mitha wrote: If you want a particular version not to be installed, then give it a Pin lower than 100 and it will never be installed if there is another installable version in your sources. This is what the manual says, but

Re: [apt] Disabling upgrade to insecure packages

On Fri, Jan 10, 2003 at 08:46:09AM -0600, Jamin W. Collins wrote: > On Fri, Jan 10, 2003 at 03:52:02PM +0200, Johann Spies wrote: > > > Replace all the occurences of "testing" in the file with "stable" and > > uncomment the lines with "unstable" in. > > Perhaps you meant to "comment" them, rather

Re: [apt] Disabling upgrade to insecure packages

On Sun, 12 Jan 2003 18:15:46 +0100, Vincent Lefevre <[EMAIL PROTECTED]> wrote: > On Sun, Jan 12, 2003 at 15:46:36 +, Faheem Mitha wrote: >> Really? This is not what the apt_preferences man page says. In >> particular >> >> "Each package may be pinned to a specific version and each Packages >>

Re: [apt] Disabling upgrade to insecure packages

On Mon, Jan 13, 2003 at 19:21:37 +, Faheem Mitha wrote: > You can remove those lines once 4.3 is available. There is no way for > apt to know which version you want to upgrade to unless you tell it. But I wouldn't know when a package would be available (there are several packages I have to tra