On Friday 16 September 2005 04:47 am, Michal Politowski wrote: > It looks like aptitude puts only packages downloaded from > security.debian.org into the 'Security Updates' group. > Thus getting security updates from mirrors, including automatic ones > created with apt-proxy and the like, means they will be categorized > as 'Upgradable Packages'. > Not that this is much of a problem in practice, but maybe some > other reliable method of recognizing them can be created.
Yep, that's exactly what it does. I don't know of any good way to estimate this information automatically (at the moment). Some possibilities I can see are: * Add a flag indicating that "this is a security-related source" to Release. * Add an option that can list additional sources that are security-related. * Add a "security" tag to .deb files or Packages. The first option seems ideal as a replacement for what aptitude does now; the second needs manual intervention, but has the advantage that it can be implemented tomorrow [literally]; and the third one has the property that you could theoretically flag security updates in unstable too. I'll probably go ahead and add an aptitude configuration option; maybe in the future it will be possible to add a more generic way of recognizing security updates. Daniel -- /------------------- Daniel Burrows <[EMAIL PROTECTED]> ------------------\ | "He is so predictable, we could emulate | | him with a two-state Turing Machine." | \- Does your computer have Super Cow Powers? ------- http://www.debian.org -/
pgpnKj95nQpG1.pgp
Description: PGP signature
