I usually keep current with the Debian archive using apt-get. Sometimes,
however, I install programs using dselect.
After upgrading to the latest Debian archive using apt-get update/upgrade,
I got the following message while running dselect:
The following packages will be upgraded:
openssh-client openssh-server
It happened on two different similarly configured machines.
I'm pretty sure this has never happened to me before. I have always thought
that upgrading using either apt-get or dselect (using the apt method) were
equivalent, at least with respect to staying current with the archive.
Am I missing something major? Thanks for any illumination.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
05-19-2008, 01:58 AM
"s. keeling"
apt/dselect anomaly
Marty <martyb@ix.netcom.com>:
> I usually keep current with the Debian archive using apt-get. Sometimes,
> however, I install programs using dselect.
>
> After upgrading to the latest Debian archive using apt-get update/upgrade,
> I got the following message while running dselect:
>
> The following packages will be upgraded:
> openssh-client openssh-server
>
> It happened on two different similarly configured machines.
>
> I'm pretty sure this has never happened to me before. I have always thought
> that upgrading using either apt-get or dselect (using the apt method) were
> equivalent, at least with respect to staying current with the archive.
>
> Am I missing something major? Thanks for any illumination.
A major flaw has been discovered in the way Debian has been creating
ssh and ssl keys. I'm surprised anyone's not heard of it yet. Upgrading
those two packages places you in a position to fix the problem as it
affects your systems.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://blinkynet.net/comp/uip5.html Linux Counter #80292
- - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
05-19-2008, 01:25 PM
Daniel Burrows
apt/dselect anomaly
On Sun, May 18, 2008 at 08:33:35PM -0400, Marty <martyb@ix.netcom.com> was heard to say:
> I usually keep current with the Debian archive using apt-get. Sometimes,
> however, I install programs using dselect.
>
> After upgrading to the latest Debian archive using apt-get update/upgrade,
> I got the following message while running dselect:
>
> The following packages will be upgraded:
> openssh-client openssh-server
>
> It happened on two different similarly configured machines.
>
> I'm pretty sure this has never happened to me before. I have always
> thought that upgrading using either apt-get or dselect (using the apt
> method) were equivalent, at least with respect to staying current with
> the archive.
>
> Am I missing something major? Thanks for any illumination.
The latest version of openssh-server depends on openssh-blacklist due
to the security problems with openssl that came up recently. If you
only use "apt-get upgrade", openssh-server won't get upgraded because
"upgrade" refuses to install new packages. Did openssh-blacklist get
installed too when you used dselect?
Daniel
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
05-20-2008, 12:54 AM
Marty
apt/dselect anomaly
Daniel Burrows wrote:
On Sun, May 18, 2008 at 08:33:35PM -0400, Marty <martyb@ix.netcom.com> was heard to say:
I usually keep current with the Debian archive using apt-get. Sometimes,
however, I install programs using dselect.
After upgrading to the latest Debian archive using apt-get update/upgrade,
I got the following message while running dselect:
The following packages will be upgraded:
openssh-client openssh-server
It happened on two different similarly configured machines.
I'm pretty sure this has never happened to me before. I have always
thought that upgrading using either apt-get or dselect (using the apt
method) were equivalent, at least with respect to staying current with
the archive.
Am I missing something major? Thanks for any illumination.
The latest version of openssh-server depends on openssh-blacklist due
to the security problems with openssl that came up recently. If you
only use "apt-get upgrade", openssh-server won't get upgraded because
"upgrade" refuses to install new packages. Did openssh-blacklist get
installed too when you used dselect?
Yes. I had missed the warning about the kept back packages. Thanks.
I have repeated the upgrade with another machine to confirm this explanation:
apt-get update/upgrade outputs in part:
The following packages have been kept back:
openssh-client openssh-server
The following packages will be upgraded:
libssl0.9.8 linux-source-2.6.18 openssl rdesktop ssh
dselect outputs in part:
The following NEW packages will be installed:
openssh-blacklist
The following packages will be upgraded:
openssh-client openssh-server
2 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
apt/dselect anomaly
