Web lists-archives.com

Re: Update on my update problem with gnome system.




On Sun 03 Jun 2018 at 20:05:39 (-0400), Kenneth Parker wrote:
> On Fri, May 25, 2018 at 10:02 PM, Kenneth Parker <sea7kenp@xxxxxxxxx> wrote:
> 
> >
> >    <snip>
> >>
> >> >        dist-upgrade
> >> >            dist-upgrade in addition to performing the function of
> >> upgrade, also intelligently
> >> >            handles changing dependencies with new versions of packages;
> >> apt-get has a "smart"
> >> >            conflict resolution system, and it will attempt to upgrade
> >> the most important packages
> >> >            at the expense of less important ones if necessary. The
> >> dist-upgrade command may
> >> >            therefore remove some packages. The /etc/apt/sources.list
> >> file contains a list of
> >> >            locations from which to retrieve desired package files. See
> >> also apt_preferences(5)
> >> >            for a mechanism for overriding the general settings for
> >> individual packages.
> >>
> >> Warning:  Ubuntu ("close enough" to Debian to confuse me, multiple years)
> > regularly requires dist-upgrade to do their frequent Kernel Upgrades,
> > because they change Version Numbers on, among other things, the vmlinuz
> > file.  So, when I do "apt-get upgrade" on the remaining Ubuntu Laptop, I
> > regularly see things like,
> >
> > <snip>
> 
> Wow!  I said "bad things" about Ubuntu regarding this topic but, just
> today, experienced the same kind of thing, with Debian Stretch, regarding
> the vlc "uber Package".  Seems it's replacing libvlccore8 with libvlccore9,
> along with several other replacements!  So Debian also uses this technique
> (dist-upgrade) for, other than "Upgrading the Distribution".
> 
> Sorry about that, Ubuntu.  :-)
> 
> Kenneth Parker

Your criticism of Debian is unjustified.   apt-get dist-upgrade   is
required to upgrade libvlccore8 to libvlccore9 because, of course, the
latter is a different package.

libvlccore8 is based on VLC version 2 and libvlccore9 is based on VLC 3.
VLC is susceptible to DSA-4203 (CVE-2017-17670), so VLC 3 has been fixed
in 3.0.2. As VLC 2.x will not get fixed, stretch had no alternative
but to move from version 2 to 3.

Cheers,
David.