On 2016-08-12, Daniel <dan...@zift.no> wrote: > Is there a problem with the version numbering for the packages > "openssl" and "libssl1.0.0"? It seems I get the version from > jessie/main and that the version from jessie/updates/main is > ignored because of the extra letter in the version number. > Isn't 1.0.1k-3+deb8u5 the prefered version here? If so, then > I suspect lots of Debian stable users are stuck on a version > without the latest security patches, which I would consider > very bad. > > Or is it just me being confused or have missed something? > > - Daniel > > ---Paste > > root:~# apt-get dist-upgrade > Reading package lists... Done > Building dependency tree > Reading state information... Done > Calculating upgrade... Done > 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > root:~# > root:~# apt-cache policy libssl1.0.0 > libssl1.0.0: > Installed: 1.0.1t-1+deb8u2 > Candidate: 1.0.1t-1+deb8u2 > Version table: > *** 1.0.1t-1+deb8u2 0 > 500 http://ftp.no.debian.org/debian/ jessie/main amd64 Packages > 100 /var/lib/dpkg/status > 1.0.1k-3+deb8u5 0 > 500 http://security.debian.org/ jessie/updates/main amd64 Packages > root:~# > root:~# apt-cache policy openssl > openssl: > Installed: 1.0.1t-1+deb8u2 > Candidate: 1.0.1t-1+deb8u2 > Version table: > *** 1.0.1t-1+deb8u2 0 > 500 http://ftp.no.debian.org/debian/ jessie/main amd64 Packages > 100 /var/lib/dpkg/status > 1.0.1k-3+deb8u5 0 > 500 http://security.debian.org/ jessie/updates/main amd64 Packages > root:~# > > ---Paste ends
Note the letters 't' and 'k' in the version strings. Alpha-numeric sorting makes 1.0.1t-1+deb8u2 the preferred version. -- Liam