* Kitty Box: > Basically I used to use a script to get the packages that debsecan gave as > having security issues and give them to aptitude so they could be > selectively updated. I am unable to do this now due to it not specifying if > the package is of a foreign arch' when using multiarch. I guess this could > be seen as a wishlist request on second thought but I wonder how multiple > packages that have the same name but different arch on multiarch would be > listed anyway, I haven't had time to check.
So it seems debsecan would have to look at the Multi-Arch: header in /var/lib/dpkg/status. Based on <https://wiki.ubuntu.com/MultiarchSpec>, | Multi-Arch: same | | This package is co-installable and it must not be used to satisfy | the dependency of any package of another architecture than its | own. is the only which is co-installable, so this is the only case which should get the :<arch> suffix. This also matches what dpkg does, as far as I can see (in varbuf_add_pkgbin_name and pkgbin_name_needs_arch). I'll give that a try.
